Commit 7ea8cfca by liuyongshuai Committed by liuyongshuai

增加用户的增删改查,修改登录方式,采用3.0的数据进行shiro验证。

parent a4ad8656
DROP VIEW XZXT.VW_USER_PERMISSION;
DROP VIEW XZXT.VW_USER_PERMISSION;
/* Formatted on 2018/7/19 星期四 11:06:56 (QP5 v5.115.810.9015) */
CREATE OR REPLACE FORCE VIEW XZXT.VW_USER_PERMISSION
(
ID,
NAME,
MENUNAME,
PERMISSION,
URL,
FLAG,
TYPE,
ZINDEX,
PID,
USERID
)
AS
SELECT sys_permission_new.id AS id,
sys_permission_new.name AS name,
sys_permission_new.MENUNAME AS MENUNAME,
sys_permission_new.PERMISSION AS PERMISSION,
sys_permission_new.url AS url,
sys_permission_new.FLAG AS FLAG,
sys_permission_new.TYPE AS TYPE,
sys_permission_new.zindex AS zindex,
sys_permission_new.PID AS PID,
sys_user_role.USER_ID AS userid
FROM ( ( sys_user_role
LEFT JOIN
Sys_role_permission
ON ( (sys_user_role.role_id = Sys_role_permission.ROLEID)))
LEFT JOIN
sys_permission_new
ON ( (Sys_role_permission.PERMISSIONID = sys_permission_new.id)));
\ No newline at end of file
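Review bot: The view never filters on the soft-delete or enable columns, so a permission row that has been logically deleted would still be returned for every user whose role references it; `SCBZ` is not selected at all and `FLAG` is exposed but not tested. If `SCBZ = 0` and `FLAG = 1` mean "live and enabled" (the seed data and `PermissionNewController` suggest so, to be confirmed), add `WHERE sys_permission_new.SCBZ = 0 AND sys_permission_new.FLAG = 1`. The two `LEFT JOIN`s also emit rows whose permission columns are all NULL for users whose role has no permission rows, which every consumer then has to null-check; `INNER JOIN` avoids that. Separately, the leading `DROP VIEW` fails on a fresh schema and is redundant with `CREATE OR REPLACE`, and `FORCE` lets the view be created with compilation errors when a base table is missing.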
SET DEFINE OFF;
SET DEFINE OFF;
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A0201', '命案管理', 'A0201', '暂无', '暂无', '01', 'admin', TO_DATE('05/29/2018 04:03:00', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:51:42', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('Z02', '系统资源', '系统资源', '暂无', 'pagejump:*', '/admin/pagejump/**', 'admin', TO_DATE('06/09/2018 00:41:28', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 09:40:17', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('Z01', '系统管理', '系统管理', '暂无', 'admin:*', '/admin/**', 'admin', TO_DATE('06/09/2018 00:57:43', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 09:41:06', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z0101', '系统设置', '系统设置', '0', 'permission', 'permission', '00', 'admin', TO_DATE('07/17/2018 10:01:52', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z010101', '个人中心', '个人中心', 'Z0101', 'member:*', '/admin/member/**', '00', 'admin', TO_DATE('07/17/2018 11:22:52', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z01010101', '个人资料', '个人资料', 'Z010101', 'member:index', '/admin/member/index', '00', 'admin', TO_DATE('07/17/2018 11:24:33', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z01010102', '密码修改', '密码修改', 'Z010101', 'member:updatepwd', '/admin/member/updatepwd/', '00', 'admin', TO_DATE('07/17/2018 11:25:50', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z010102', '用户中心', '用户中心', 'Z0101', 'usercenter', '/admin/user/**', '00', 'admin', TO_DATE('07/17/2018 11:27:17', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z01010201', '用户管理', '用户管理', 'Z010102', 'user:index', '/admin/user/index', '00', 'admin', TO_DATE('07/17/2018 11:31:45', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z010103', '系统权限', '系统权限', 'Z0101', 'permissioncenter', 'permissioncenter', '00', 'admin', TO_DATE('07/17/2018 11:32:40', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z01010301', '角色管理', '角色管理', 'Z010103', 'role:index', '/admin/role/index', '00', 'admin', TO_DATE('07/17/2018 11:34:16', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z01010302', '权限管理', '权限管理', 'Z010103', 'permission:index', '/admin/permission/index', '00', 'admin', TO_DATE('07/17/2018 11:35:16', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('Z01010303', '菜单管理', '菜单管理', 'Z010103', 'menu:index', '/admin/menu/index', '00', 'admin', TO_DATE('07/17/2018 11:35:59', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A020101', '案件管理', 'A0201', '暂无', '暂无', '01', 'admin', TO_DATE('05/31/2018 12:59:40', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:51:15', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('A0201010201', '侦查终结信息维护采集', '侦查终结信息维护采集', 'A02010102', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 15:16:40', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A02010101', '立案信息维护', 'A020101', '暂无', '暂无', '01', 'admin', TO_DATE('07/03/2018 16:20:29', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:46:27', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A02010102', '侦查终结信息维护', 'A020101', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:14:34', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:50:58', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A02010103', '部权修改申请', 'A02010201', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:15:41', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:47:41', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A02010104', '案件编号转换', 'A020101', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:16:10', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:48:12', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('A02010203', '审核', '审核', 'A020102', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:17:15', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('A02010201', '立案信息审批', '立案信息审批', 'A020102', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:18:03', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('A02010202', '侦查终结信息审批', '侦查终结信息审批', 'A020102', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:18:40', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('A02010204', '部权修改审批', '部权修改审批', 'A020102', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:19:10', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A02010301', '统计信息浏览', 'A020103', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:19:47', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:48:52', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A02010302', '统计分析', 'A020103', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:20:31', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:49:12', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A0201010303', '趋势分析', 'A020103', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:21:03', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:49:40', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, MENUNAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, SCBZ, FLAG)
Values
('A02010304', '人员构成分析', '人员构成分析', 'A020103', '暂无', '暂无', '01', 'admin', TO_DATE('07/04/2018 10:21:39', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A020102', '审批管理', 'A0201', '暂无', '暂无', '01', TO_DATE('05/31/2018 15:44:58', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:50:33', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
Insert into SYS_PERMISSION_NEW
(ID, NAME, PID, PERMISSION, URL, TYPE, LRR, LRSJ, GXR, GXSJ, SCBZ, FLAG)
Values
('A020103', '信息应用', 'A0201', '暂无', '暂无', '01', 'admin', TO_DATE('07/02/2018 18:53:59', 'MM/DD/YYYY HH24:MI:SS'), 'admin', TO_DATE('07/17/2018 15:50:44', 'MM/DD/YYYY HH24:MI:SS'), 0, 1);
COMMIT;
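Review bot: Most of the case-management rows (`A02…`) carry the placeholder `'暂无'` in both `PERMISSION` and `URL`, so if these columns are loaded as permission strings for authorization (the loader is not shown), every such entry resolves to the same string and cannot be granted or denied individually. Several keys also look inconsistent: `A0201` is its own parent (`PID = 'A0201'`), `A02010103` points at `A02010201` while its siblings point at `A020101`, and `A0201010303` sits between `A02010302` and `A02010304`. A self-referencing parent can make a recursive menu walk loop, so these are worth checking before the script is applied. The script is also not re-runnable: depending on the table's constraints, a second run of these plain `INSERT`s either fails on the key or duplicates the rows.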
...@@ -17,56 +17,56 @@ import org.springframework.web.bind.annotation.RequestMethod; ...@@ -17,56 +17,56 @@ import org.springframework.web.bind.annotation.RequestMethod;
/** /**
* Created by changchao on 2018/6/22. * Created by changchao on 2018/6/22.
*/ */
@RequestMapping(value = "/") //@RequestMapping(value = "/")
@Controller //@Controller
public class LoginController { //public class LoginController {
private static final Logger logger = LoggerFactory.getLogger(LoginController.class); // private static final Logger logger = LoggerFactory.getLogger(LoginController.class);
@Autowired // @Autowired
private UserService userService; // private UserService userService;
//
@RequestMapping(value = "/login", method = RequestMethod.GET) // @RequestMapping(value = "/login", method = RequestMethod.GET)
public String login() { // public String login() {
//
return "login"; // return "login";
} // }
//
@RequestMapping(value = "/login", method = RequestMethod.POST) // @RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(User user, boolean rememberMe, Model model) { // public String login(User user, boolean rememberMe, Model model) {
String msg = null; // String msg = null;
try { // try {
//用户登录 // //用户登录
user = TokenUtil.login(user, rememberMe); // user = TokenUtil.login(user, rememberMe);
//
} catch (Exception e) { // } catch (Exception e) {
/*User login = userService.login(user.getUsername(), user.getPassword()); // /*User login = userService.login(user.getUsername(), user.getPassword());
if (login.getStatus() == 0) { // if (login.getStatus() == 0) {
msg = "用户已经被禁用,请联系管理员启用该账号"; // msg = "用户已经被禁用,请联系管理员启用该账号";
} else { // } else {
msg = "用户名或密码不正确"; // msg = "用户名或密码不正确";
}*/ // }*/
msg = "用户名或密码不正确"; // msg = "用户名或密码不正确";
} finally { // } finally {
if (msg == null) { // if (msg == null) {
return "redirect:/admin/pagejump/index"; // return "redirect:/admin/pagejump/index";
} // }
//
model.addAttribute("msg", msg); // model.addAttribute("msg", msg);
return "login"; // return "login";
} // }
} // }
//
@RequestMapping(value = "/logout", method = RequestMethod.GET) // @RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(Model model) { // public String logout(Model model) {
Subject subject = SecurityUtils.getSubject(); // Subject subject = SecurityUtils.getSubject();
/*System.out.println("session信息已经成功清除!" + session.getAttribute("user")); // /*System.out.println("session信息已经成功清除!" + session.getAttribute("user"));
session.removeAttribute("user");*/ // session.removeAttribute("user");*/
subject.logout(); // subject.logout();
model.addAttribute("msg", "您已经退出登录,请重新登录"); // model.addAttribute("msg", "您已经退出登录,请重新登录");
return "login"; // return "login";
} // }
//
@RequestMapping(value = "/unAuthorization") // @RequestMapping(value = "/unAuthorization")
public String unAuthorization() { // public String unAuthorization() {
return "unAuthorization"; // return "unAuthorization";
} // }
} //}
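Review bot: The old controllers are disabled by prefixing every line with `//` instead of being deleted, here and in the `PageJunpController`, `MemberController` and `UserController` hunks that follow. That leaves dead authentication code in the tree (including the previous `ShiroKit.md5` password check), and in `UserController` the Javadoc for `deleteUserById` stays uncommented above a commented-out method. Deleting the methods, or the files if the classes are now empty, keeps the history in version control and avoids someone re-enabling a handler that no longer matches the new `SysUser` model.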
...@@ -19,37 +19,37 @@ import java.util.List; ...@@ -19,37 +19,37 @@ import java.util.List;
* @author changchao * @author changchao
* @date 2017年8月10日 上午11:15:56 * @date 2017年8月10日 上午11:15:56
*/ */
@RequestMapping("/admin/pagejump") //@RequestMapping("/admin/pagejump")
@Controller //@Controller
public class PageJunpController { //public class PageJunpController {
@Autowired // @Autowired
private UserService userService; // private UserService userService;
//
/** // /**
* 跳转到index主页 // * 跳转到index主页
* // *
* @param model // * @param model
* @return // * @return
*/ // */
@RequestMapping(value = "/index", method = RequestMethod.GET) // @RequestMapping(value = "/index", method = RequestMethod.GET)
public String index(Model model) { // public String index(Model model) {
//获取用户信息 // //获取用户信息
User user = TokenUtil.getUser(); // User user = TokenUtil.getUser();
Integer userId = user.getId(); // Integer userId = user.getId();
List<List<Permission>> list= userService.selectMenusByUserId(userId); // List<List<Permission>> list= userService.selectMenusByUserId(userId);
//System.out.println(list); // //System.out.println(list);
model.addAttribute("list", list); // model.addAttribute("list", list);
return "index"; // return "index";
} // }
//
/** // /**
* 跳转到welcome页面 // * 跳转到welcome页面
* // *
* @param model // * @param model
* @return // * @return
*/ // */
@RequestMapping(value = "/welcome", method = RequestMethod.GET) // @RequestMapping(value = "/welcome", method = RequestMethod.GET)
public String welcome(Model model) throws Exception { // public String welcome(Model model) throws Exception {
return "welcome"; // return "welcome";
} // }
} //}
...@@ -31,38 +31,38 @@ public class MemberController { ...@@ -31,38 +31,38 @@ public class MemberController {
* @param model * @param model
* @return * @return
*/ */
@RequestMapping(value = "/updatepwd", method = RequestMethod.GET) // @RequestMapping(value = "/updatepwd", method = RequestMethod.GET)
public String updatepwd(String msg, Model model) { // public String updatepwd(String msg, Model model) {
User user= TokenUtil.getUser(); // User user= TokenUtil.getUser();
model.addAttribute("user",user); // model.addAttribute("user",user);
return "admin/member/updatepwd"; // return "admin/member/updatepwd";
} // }
//
/** // /**
* 修改密码 // * 修改密码
* @param user // * @param user
* @param pwd // * @param pwd
* @param model // * @param model
* @return // * @return
*/ // */
@ResponseBody // @ResponseBody
@RequestMapping(value = "/updatepwd", method = RequestMethod.POST) // @RequestMapping(value = "/updatepwd", method = RequestMethod.POST)
public Integer update(User user, String pwd, Model model) { // public Integer update(User user, String pwd, Model model) {
String pwdKit = ShiroKit.md5(pwd, user.getUsername()); // String pwdKit = ShiroKit.md5(pwd, user.getUsername());
String password = userService.loadByUsername(user.getUsername()).getPassword(); // String password = userService.loadByUsername(user.getUsername()).getPassword();
if (pwdKit.equals(password)) { // if (pwdKit.equals(password)) {
//密码校验成功,执行修改密码操作 // //密码校验成功,执行修改密码操作
Integer i = userService.updatePwd(user); // Integer i = userService.updatePwd(user);
if (i == 1) { // if (i == 1) {
return 1; // return 1;
} else { // } else {
return 2; // return 2;
} // }
//
} else { // } else {
return 0; // return 0;
} // }
} // }
/** /**
* 跳转到我的权限页面 * 跳转到我的权限页面
...@@ -84,10 +84,10 @@ public class MemberController { ...@@ -84,10 +84,10 @@ public class MemberController {
model.addAttribute("user",user); model.addAttribute("user",user);
return "admin/member/mypermission"; return "admin/member/mypermission";
}*/ }*/
@RequestMapping(value = "/index",method = RequestMethod.GET) // @RequestMapping(value = "/index",method = RequestMethod.GET)
public String index(Model model){ // public String index(Model model){
User user= TokenUtil.getUser(); // User user= TokenUtil.getUser();
model.addAttribute("user",user); // model.addAttribute("user",user);
return "admin/member/detail"; // return "admin/member/detail";
} // }
} }
...@@ -38,41 +38,41 @@ public class UserController { ...@@ -38,41 +38,41 @@ public class UserController {
* *
* @return * @return
*/ */
@RequestMapping(value = "/index", method = RequestMethod.GET) // @RequestMapping(value = "/index", method = RequestMethod.GET)
public String index(String msg,Model model) { // public String index(String msg,Model model) {
/*if (msg!=null&&msg!=""){ // /*if (msg!=null&&msg!=""){
model.addAttribute("msg","用户添加成功!"); // model.addAttribute("msg","用户添加成功!");
}*/ // }*/
return "admin/user/list"; // return "admin/user/list";
} // }
//
// /**
// * 根据条件获取用户列表
// *
// * @param user
// * @return
// */
// @ResponseBody
// @RequestMapping(value = "/list", method = RequestMethod.GET)
// public UserPage list(User user) {
// return userService.selectUserPage(user);
// }
/** // /**
* 根据条件获取用户列表 // * 跳转到用户添加页面
* // *
* @param user // * @param model
* @return // * @return
*/ // */
@ResponseBody // @RequestMapping(value = "/add", method = RequestMethod.GET)
@RequestMapping(value = "/list", method = RequestMethod.GET) // public String addIndex(Model model) {
public UserPage list(User user) { // List<Dept> depts = deptService.selectDepts();
return userService.selectUserPage(user); // List<Role> roles = roleService.selectRoles();
} //
// model.addAttribute("depts", depts);
/** // model.addAttribute("roles", roles);
* 跳转到用户添加页面 // return "admin/user/add";
* // }
* @param model
* @return
*/
@RequestMapping(value = "/add", method = RequestMethod.GET)
public String addIndex(Model model) {
List<Dept> depts = deptService.selectDepts();
List<Role> roles = roleService.selectRoles();
model.addAttribute("depts", depts);
model.addAttribute("roles", roles);
return "admin/user/add";
}
/** /**
* 添加用户---提交 * 添加用户---提交
...@@ -81,93 +81,93 @@ public class UserController { ...@@ -81,93 +81,93 @@ public class UserController {
* @param model * @param model
* @return * @return
*/ */
//
// @RequestMapping(value = "/add", method = RequestMethod.POST)
// public String add(User user, Model model) {
// User add = userService.add(user);
// if (add.getUsername() == null) {
// List<Dept> depts = deptService.selectDepts();
// List<Role> roles = roleService.selectRoles();
// model.addAttribute("depts", depts);
// model.addAttribute("roles", roles);
// model.addAttribute("user", user);
// model.addAttribute("msg", "登录已存在,请修改登录名!");
// return "admin/user/add";
// } else {
// return "redirect:/admin/user/index?msg=success";
// }
// }
@RequestMapping(value = "/add", method = RequestMethod.POST) // /**
public String add(User user, Model model) { // * 跳转到用户修改页面
User add = userService.add(user); // *
if (add.getUsername() == null) { // * @param userId
List<Dept> depts = deptService.selectDepts(); // * @param model
List<Role> roles = roleService.selectRoles(); // * @return
model.addAttribute("depts", depts); // */
model.addAttribute("roles", roles); // @RequestMapping(value = "/update/{userId}", method = RequestMethod.GET)
model.addAttribute("user", user); // public String updateInex(@PathVariable("userId") Integer userId, Model model) {
model.addAttribute("msg", "登录已存在,请修改登录名!"); // User user = userService.selectUserById(userId);
return "admin/user/add"; // List<Dept> depts = deptService.selectDepts();
} else { // List<Role> roles = roleService.selectRoles();
return "redirect:/admin/user/index?msg=success"; // model.addAttribute("depts", depts);
} // model.addAttribute("roles", roles);
} // model.addAttribute("user", user);
// return "admin/user/update";
/** // }
* 跳转到用户修改页面 //
* // /**
* @param userId // * 提交用户修改数据
* @param model // *
* @return // * @param user
*/ // * @return
@RequestMapping(value = "/update/{userId}", method = RequestMethod.GET) // */
public String updateInex(@PathVariable("userId") Integer userId, Model model) { // @RequestMapping(value = "/update", method = RequestMethod.POST)
User user = userService.selectUserById(userId); // public String update(User user,Model model) {
List<Dept> depts = deptService.selectDepts(); // User update = userService.update(user);
List<Role> roles = roleService.selectRoles(); // if(update!=null){
model.addAttribute("depts", depts); // model.addAttribute("msg", "用户修改成功!");
model.addAttribute("roles", roles); // return "redirect:/admin/user/index?msg=success";
model.addAttribute("user", user); // }else{
return "admin/user/update"; // List<Dept> depts = deptService.selectDepts();
} // List<Role> roles = roleService.selectRoles();
// model.addAttribute("depts", depts);
/** // model.addAttribute("roles", roles);
* 提交用户修改数据 // model.addAttribute("user", user);
* // model.addAttribute("msg", "用户失败成功!");
* @param user // return "admin/user/update";
* @return // }
*/ // }
@RequestMapping(value = "/update", method = RequestMethod.POST)
public String update(User user,Model model) {
User update = userService.update(user);
if(update!=null){
model.addAttribute("msg", "用户修改成功!");
return "redirect:/admin/user/index?msg=success";
}else{
List<Dept> depts = deptService.selectDepts();
List<Role> roles = roleService.selectRoles();
model.addAttribute("depts", depts);
model.addAttribute("roles", roles);
model.addAttribute("user", user);
model.addAttribute("msg", "用户失败成功!");
return "admin/user/update";
}
}
/** // /**
* 修改用户当前状态 // * 修改用户当前状态
* @param user // * @param user
* @return // * @return
*/ // */
@ResponseBody // @ResponseBody
@RequestMapping(value = "/updateState",method = RequestMethod.POST) // @RequestMapping(value = "/updateState",method = RequestMethod.POST)
public String updateState(User user) { // public String updateState(User user) {
Integer i=userService.updateStatusById(user); // Integer i=userService.updateStatusById(user);
if (i==1) { // if (i==1) {
return "success"; // return "success";
}else { // }else {
return "error"; // return "error";
} // }
} // }
/** /**
* 删除选择用户 * 删除选择用户
* @param user * @param user
* @return * @return
*/ */
@ResponseBody // @ResponseBody
@RequestMapping(value="/deleteUserById",method = RequestMethod.POST) // @RequestMapping(value="/deleteUserById",method = RequestMethod.POST)
public String deleteUserById(User user){ // public String deleteUserById(User user){
Integer i=userService.deleteUserById(user); // Integer i=userService.deleteUserById(user);
if (i==1) { // if (i==1) {
return "success"; // return "success";
}else { // }else {
return "error"; // return "error";
} // }
} // }
} }
...@@ -43,6 +43,7 @@ public class MyRealm extends AuthorizingRealm { ...@@ -43,6 +43,7 @@ public class MyRealm extends AuthorizingRealm {
System.out.println("--- MyRealm doGetAuthorizationInfo ---"); System.out.println("--- MyRealm doGetAuthorizationInfo ---");
// 获得经过认证的主体信息 // 获得经过认证的主体信息
User user = (User) principalCollection.getPrimaryPrincipal(); User user = (User) principalCollection.getPrimaryPrincipal();
System.out.println("-------------realm------------------"+user);
Integer userId = user.getId(); Integer userId = user.getId();
List<Permission> permissions = userService.selectPermissionsByUserId(userId); List<Permission> permissions = userService.selectPermissionsByUserId(userId);
List<String> roleSns = userService.selectRoleSnsByUserId(userId); List<String> roleSns = userService.selectRoleSnsByUserId(userId);
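Review bot: The added `System.out.println("-------------realm------------------"+user)` writes the whole principal object to stdout on every authorization lookup. Unless `User.toString()` is known to omit the password and other personal fields (the class is not shown), this puts account data into logs that are usually readable by more people than the user table. I would drop the line, or log only the id at debug level through a logger, e.g. `logger.debug("authorizing user id={}", user.getId());` assuming the class has or gains a logger field. `doGetAuthorizationInfo` starts and ends outside this hunk.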
......
package com.xzxtshiro.controller;
import com.xzxtshiro.pojo.SysUser;
import com.xzxtshiro.util.TokenUtil;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
/**
* @author liuys
* @desc
* @date 2018-07-12 17:01
*/
@RequestMapping(value = "/")
@Controller
public class LoginController {
@RequestMapping(value = "/login",method = RequestMethod.GET)
public String login(){
return "login";
}
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(SysUser user, boolean rememberMe, Model model) {
String msg = null;
try {
//用户登录
user = TokenUtil.login(user, rememberMe);
} catch (Exception e) {
/*User login = userService.login(user.getUsername(), user.getPassword());
if (login.getStatus() == 0) {
msg = "用户已经被禁用,请联系管理员启用该账号";
} else {
msg = "用户名或密码不正确";
}*/
msg = "用户名或密码不正确";
} finally {
if (msg == null) {
return "redirect:/admin/pagejump/index";
}
model.addAttribute("msg", msg);
return "login";
}
}
@RequestMapping(value = "/unAuthorization")
public String unAuthorization() {
return "unAuthorization";
}
}
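Review bot: The `return` statements inside `finally` in `login(SysUser, boolean, Model)` override any exception or return in flight, and `catch (Exception e)` discards `e` without logging, so a disabled account, a database outage and a wrong password all produce the same message and leave no trace for whoever investigates failed logins. Moving the returns out of `finally` and recording the failure server-side (without the submitted password) fixes both. The new class also no longer maps `/logout`, which the previous controller handled with `subject.logout()`; if logout is not provided by a Shiro filter elsewhere, sessions can only end by timeout. The commented-out block inside the `catch` can be removed as well.

```java
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(SysUser user, boolean rememberMe, Model model) {
    try {
        TokenUtil.login(user, rememberMe);
    } catch (Exception e) {
        // Record the cause server-side through the project's logger;
        // never include the submitted password in the log entry.
        model.addAttribute("msg", "用户名或密码不正确");
        return "login";
    }
    return "redirect:/admin/pagejump/index";
}
```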
package com.xzxtshiro.controller;
import com.xzxtshiro.pojo.SysPermissionNew;
import com.xzxtshiro.pojo.SysUser;
import com.xzxtshiro.service.SysUserService;
import com.xzxtshiro.util.TokenUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import java.util.List;
/**
* 页面跳转controller
*
* @author changchao
* @date 2017年8月10日 上午11:15:56
*/
@RequestMapping("/admin/pagejump")
@Controller
public class PageJunpController {
@Autowired
private SysUserService userService;
/**
* 跳转到index主页
*
* @param model
* @return
*/
@RequestMapping(value = "/index", method = RequestMethod.GET)
public String index(Model model) {
//获取用户信息
SysUser user = TokenUtil.getUser();
String userId = user.getId();
List<List<SysPermissionNew>> list= userService.selectMenusByUserId(userId);
//System.out.println(list);
model.addAttribute("list", list);
return "index";
}
/**
* 跳转到welcome页面
*
* @param model
* @return
*/
@RequestMapping(value = "/welcome", method = RequestMethod.GET)
public String welcome(Model model) throws Exception {
return "welcome";
}
}
...@@ -80,6 +80,8 @@ public class PermissionNewController { ...@@ -80,6 +80,8 @@ public class PermissionNewController {
} }
permission.setLrr("admin"); permission.setLrr("admin");
permission.setLrsj(new Date()); permission.setLrsj(new Date());
permission.setMenuname(permission.getName());
permission.setFlag(1);
permission.setScbz(0); permission.setScbz(0);
System.out.println(permission); System.out.println(permission);
Integer add = permissionService.add(permission); Integer add = permissionService.add(permission);
......
package com.xzxtshiro.controller.admin;
import com.shiro.demo.pojo.User;
import com.shiro.demo.service.RoleService;
import com.shiro.demo.service.UserService;
import com.shiro.demo.util.ShiroKit;
import com.xzxtshiro.pojo.SysUser;
import com.xzxtshiro.service.SysRoleService;
import com.xzxtshiro.service.SysUserService;
import com.xzxtshiro.util.Base64PasswordEncrypter;
import com.xzxtshiro.util.TokenUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
/**
* @author liuys
* @desc
* @date 2018-07-19 10:03
*/
@Controller
@RequestMapping("/admin/member")
public class SysMemberController {
@Autowired
private SysUserService userService;
@Autowired
private SysRoleService roleService;
/**
* 跳转到修改密码页面
* @param msg
* @param model
* @return
*/
@RequestMapping(value = "/updatepwd", method = RequestMethod.GET)
public String updatepwd(String msg, Model model) {
SysUser user= TokenUtil.getUser();
model.addAttribute("user",user);
return "admin/member/updatepwd";
}
/**
* 修改密码
* @param user
* @param pwd
* @param model
* @return
*/
@ResponseBody
@RequestMapping(value = "/updatepwd", method = RequestMethod.POST)
public Integer update(SysUser user, String pwd, Model model) {
String pwdKit = new Base64PasswordEncrypter().encryptPassword(pwd);
String password = userService.loadByUsername(user.getUsername()).getPassword();
if (pwdKit.equals(password)) {
//密码校验成功,执行修改密码操作
Integer i = userService.updatePwd(user);
if (i ==1) {
return 1;
} else {
return 2;
}
} else {
return 0;
}
}
@RequestMapping(value = "/index",method = RequestMethod.GET)
public String index(Model model){
SysUser user= TokenUtil.getUser();
model.addAttribute("user",user);
return "admin/member/detail";
}
}
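Review bot: `update(SysUser user, String pwd, Model model)` takes the account to change from the request-bound `user` instead of the logged-in subject: the old password is verified against `user.getUsername()`, and `userService.updatePwd(user)` then receives the same client-supplied object. If `updatePwd` keys on a different field than the username (its mapper is not shown), the old-password check and the write can refer to different accounts. Resolve the account from the session, e.g. `SysUser current = TokenUtil.getUser();`, and copy only the new password onto it before calling the service. The switch from `ShiroKit.md5(pwd, username)` to `Base64PasswordEncrypter` also matters, because `SysUserController` calls its `decryptPassword`, which means stored passwords are now reversible rather than hashed. The four `com.shiro.demo` imports are unused, and `loadByUsername(...)` is dereferenced without a null check.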
package com.xzxtshiro.controller.admin;
import com.xzxtshiro.pojo.BaseModel;
import com.xzxtshiro.pojo.SysDictitem;
import com.xzxtshiro.pojo.SysRole;
import com.xzxtshiro.pojo.SysUser;
import com.xzxtshiro.service.SysDictitemService;
import com.xzxtshiro.service.SysRoleService;
import com.xzxtshiro.service.SysUserService;
import com.xzxtshiro.util.Base64PasswordEncrypter;
import com.xzxtshiro.util.TokenUtil;
import net.sf.json.JSONArray;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.List;
/**
* @author liuys
* @desc
* @date 2018-07-17 16:06
*/
@Controller
@RequestMapping(value = "/admin/user")
public class SysUserController {
@Autowired
private SysUserService userService;
@Autowired
private SysRoleService roleService;
@Autowired
private SysDictitemService dictitemService;
/**
* 跳转到用户列表
*
* @return
*/
@RequestMapping(value = "/index", method = RequestMethod.GET)
public String index(String msg,Model model) {
/*if (msg!=null&&msg!=""){
model.addAttribute("msg","用户添加成功!");
}*/
return "admin/user/list";
}
/**
* 根据条件获取用户列表
*
* @param user
* @return
*/
@ResponseBody
@RequestMapping(value = "/list", method = RequestMethod.GET)
public BaseModel list(SysUser user) {
return userService.selectSysUserPage(user);
}
/**
* 跳转到用户添加页面
*
* @param model
* @return
*/
@RequestMapping(value = "/add", method = RequestMethod.GET)
public String addIndex(Model model) {
setAddCS(model,dictitemService,roleService);
return "admin/user/add";
}
/**
* 设置添加用户页面所需要的参数
*/
private static void setAddCS(Model model, SysDictitemService dictitemService, SysRoleService roleService) {
SysUser user = TokenUtil.getUser();
String unitStr = user.getUnitcode();
SysDictitem dictitem = new SysDictitem();
dictitem.setGroupid("CODE_UNIT");
dictitem.setCodeStr(unitStr.substring(0,2)+"%");
JSONArray unit = dictitemService.selectDictitemByCondition(dictitem);
JSONArray roles = roleService.selectSysRolesByCondition(null);
model.addAttribute("role",roles);
model.addAttribute("unit", unit);
}
/**
* 添加用户---提交
*
* @param user
* @param model
* @return
*/
@RequestMapping(value = "/add", method = RequestMethod.POST)
public String add(SysUser user, Model model) {
SysUser add = userService.add(user);
if (add.getUsername() == null) {
setAddCS(model,dictitemService,roleService);
model.addAttribute("user", user);
model.addAttribute("msg", "用户名已存在,请修改用户名!");
return "admin/user/add";
} else {
return "redirect:/admin/user/index?msg=success";
}
}
/**
* 跳转到用户修改页面
*
* @param id
* @param model
* @return
*/
@RequestMapping(value = "/update/{id}", method = RequestMethod.GET)
public String updateInex(@PathVariable("id") String id, Model model) {
SysUser user = userService.selectSysUserById(id);
//查询用户原先的角色
user.setPassword(new Base64PasswordEncrypter().decryptPassword(user.getPassword()));
List<SysRole> roles = userService.selectSysRoleByUserId(id);
JSONArray oldRole = JSONArray.fromObject(roles);
setAddCS(model,dictitemService,roleService);
model.addAttribute("oldRole", oldRole);
model.addAttribute("user", user);
return "admin/user/update";
}
/**
* 提交用户修改数据
*
* @param user
* @return
*/
@RequestMapping(value = "/update", method = RequestMethod.POST)
public String update(SysUser user,Model model) {
SysUser update = userService.update(user);
if(update!=null){
model.addAttribute("msg", "用户修改成功!");
return "redirect:/admin/user/index?msg=success";
}else{
//查询用户原先的角色
List<SysRole> roles = userService.selectSysRoleByUserId(user.getId());
JSONArray oldRole = JSONArray.fromObject(roles);
setAddCS(model,dictitemService,roleService);
model.addAttribute("oldRole", oldRole);
model.addAttribute("user", user);
model.addAttribute("msg", "用户修改失败!");
return "admin/user/update";
}
}
/**
* 修改用户当前状态
* @param user
* @return
*/
@ResponseBody
@RequestMapping(value = "/updateState",method = RequestMethod.POST)
public String updateState(SysUser user) {
Integer i=userService.updateStatusById(user);
if (i==1) {
return "success";
}else {
return "error";
}
}
/**
* 删除选择用户
* @param user
* @return
*/
@ResponseBody
@RequestMapping(value="/deleteUserById",method = RequestMethod.POST)
public String deleteUserById(SysUser user){
Integer i=userService.deleteUserById(user);
if (i==1) {
return "success";
}else {
return "error";
}
}
}
package com.xzxtshiro.dao;
import com.xzxtshiro.pojo.SysDictitem;
import java.util.List;
/**
* @author liuys
* @desc
* @date 2018-07-18 10:19
*/
public interface SysDictitemDao {
/**
* 查询字典
*/
List<SysDictitem> selectDictitemByCondition(SysDictitem dictitem);
}
...@@ -111,4 +111,12 @@ public interface SysRoleDao { ...@@ -111,4 +111,12 @@ public interface SysRoleDao {
* @return * @return
*/ */
int delectPermissionByRoleId(@Param("roleId") String roleId); int delectPermissionByRoleId(@Param("roleId") String roleId);
/**
* 根据用户id查询所拥有的角色信息
* @param userId
* @return
*/
List<SysRole> querySysRoleByUserId(@Param("userId") String userId);
} }
package com.xzxtshiro.dao;
import com.shiro.demo.pojo.User;
import com.xzxtshiro.pojo.SysPermissionNew;
import com.xzxtshiro.pojo.SysRole;
import com.xzxtshiro.pojo.SysUser;
import com.xzxtshiro.pojo.SysUserRole;
import org.apache.ibatis.annotations.Param;
import java.util.List;
/**
* @author liuys
* @desc
* @date 2018-07-12 17:31
*/
public interface SysUserDao {
List<SysPermissionNew> selectSysPermissionsByUserId(String userId);
List<SysRole> selectSysRolesByUserId(String userId);
SysUser findByUserName(String username);
List<String> selectSysRoleIdByUserId(String userId);
List<SysPermissionNew> selectAllMenus();
List<SysPermissionNew> selectMencusByUserId(@Param("userId")String userId);
List<SysUser> selectSysUserByCondition(SysUser user);
Integer selectSysUserCountByCondition();
Integer updateSysUserById(SysUser user);
Integer insert(SysUser user);
Integer deleteSysUserRoleByUserId(@Param("userId")String userId);
Integer batchAddSysUserRole(List<SysUserRole> userRoles);
SysUser selectByPrimaryKey(String id);
}
...@@ -234,4 +234,12 @@ ...@@ -234,4 +234,12 @@
SCBZ = 1 SCBZ = 1
where ID = #{id,jdbcType=VARCHAR} where ID = #{id,jdbcType=VARCHAR}
</update> </update>
<!--根据用户id查询用户所拥有的权限-->
<select id="querySysRoleByUserId" resultType="com.xzxtshiro.pojo.SysRole" parameterType="java.lang.String">
SELECT <include refid="Base_Column_List" />
FROM sys_role
WHERE id IN (SELECT role_id
FROM sys_user_role
WHERE user_id = #{userId,jdbcType=VARCHAR})
</select>
</mapper> </mapper>
\ No newline at end of file
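Review bot: The new `querySysRoleByUserId` select never checks the soft-delete flag, although the `<update>` just above it appears to retire a row by setting `SCBZ = 1`, so roles that were deleted this way are still returned for the user. Adding `AND scbz = 0` to the outer `WHERE` would keep retired roles out of the result; whether `sys_user_role` needs the same filter depends on how its rows are removed, which is not visible here. The XML comment says the query returns permissions (权限) while it returns roles, so `<!--根据用户id查询用户所拥有的角色-->` would match the code.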
...@@ -30,13 +30,17 @@ public class BaseModel { ...@@ -30,13 +30,17 @@ public class BaseModel {
protected Date lrsj; protected Date lrsj;
protected String lrdwdm;
protected String lrdwmc;
protected String gxr; protected String gxr;
protected Date gxsj; protected Date gxsj;
protected String lrdwdm; protected String gxdwdm;
protected String lrdwmc; protected String gxdwmc;
protected Integer scbz; protected Integer scbz;
} }
package com.xzxtshiro.pojo;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.extern.log4j.Log4j;
import java.io.Serializable;
import java.util.Date;
/**
* @author liuys
* @desc
* @date 2018-07-18 10:15
*/
@Data
@Log4j
@NoArgsConstructor
@AllArgsConstructor
public class SysDictitem extends BaseModel implements Serializable {
private static final long serialVersionUID = 1L;
protected String id;
protected String codeStr;
protected String name;
protected String groupid;
protected String levelid;
protected String spell;
protected String wbzx;
protected String simple;
protected String groupname;
protected String yycj1;
protected String yycj2;
protected String yycj3;
protected String yycj4;
protected String pid;
protected String isparent;
protected String yycj7;
protected String yycj5;
protected String yycj6;
protected String description;
protected String endcode;
protected String startcode;
protected String yycj8;
protected String sfqybmpdbz;
protected String dmmcbm;
protected String gabxf;
}
...@@ -8,6 +8,7 @@ import lombok.extern.log4j.Log4j; ...@@ -8,6 +8,7 @@ import lombok.extern.log4j.Log4j;
import java.io.Serializable; import java.io.Serializable;
import java.util.Date; import java.util.Date;
import java.util.List;
/** /**
* @author liuys * @author liuys
...@@ -42,4 +43,10 @@ public class SysPermissionNew extends BaseModel implements Serializable { ...@@ -42,4 +43,10 @@ public class SysPermissionNew extends BaseModel implements Serializable {
protected Integer flag; protected Integer flag;
protected String userId;
/**
* 子菜单list
*/
protected List childMenu;
} }
package com.xzxtshiro.pojo;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.extern.log4j.Log4j;
import java.io.Serializable;
import java.math.BigDecimal;
import java.util.Date;
@Data
@Log4j
@NoArgsConstructor
@AllArgsConstructor
public class SysUser extends BaseModel implements Serializable {
private static final long serialVersionUID = 1L;
protected String id;
protected String unitcode;
protected String username;
protected String password;
protected String trueName;
protected String openFlag;
protected String defaultModel;
protected String remark;
protected String lrr;
protected Date lrsj;
protected String gxr;
protected Date gxsj;
protected String lrdwdm;
protected String lrdwmc;
protected String identitycard;
protected String sex;
protected Date birthday;
protected String telephone;
protected String unitname;
protected Integer scbz;
protected String ip;
protected String grade;
protected String policemanid;
protected BigDecimal defaultDesktop;
protected String theme;
protected Date lastlogintime;
protected Date lastchecktime;
protected String xxzyurl;
protected String gzzmZhy;
protected String gzzmYpy;
protected String gzzmZcy;
protected String gzzmPlay;
protected String glybz;
protected String tqyhbz;
protected String roleNames;
/**角色的id合集*/
protected String roleId;
/**角色的name合集*/
protected String roleName;
}
\ No newline at end of file
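Review bot: `@Data` generates a `toString()` that includes `password`, and this commit prints and logs whole `SysUser` objects (`System.out.println("user***…"+user)` in MyRealm, `logger.debug(… + rel)` in UserServiceAspect), so the stored credential ends up in stdout and log files. Adding `@ToString(exclude = "password")` on the class keeps the field out of every such message. The class also redeclares `lrsj`, `gxr`, `gxsj`, `lrdwdm`, `lrdwmc` and `scbz`, which the BaseModel hunk shows on the parent; the duplicates hide the inherited fields and could be dropped.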
package com.xzxtshiro.service;
import com.xzxtshiro.pojo.SysDictitem;
import net.sf.json.JSONArray;
/**
* @author liuys
* @desc
* @date 2018-07-18 10:39
*/
public interface SysDictitemService {
/**
* 根据定制条件查询字典,常用的是groupid
* @param dictitem
* @return
*/
JSONArray selectDictitemByCondition(SysDictitem dictitem);
}
package com.xzxtshiro.service;
import com.shiro.demo.pojo.Permission;
import com.shiro.demo.pojo.User;
import com.xzxtshiro.pojo.BaseModel;
import com.xzxtshiro.pojo.SysPermissionNew;
import com.xzxtshiro.pojo.SysRole;
import com.xzxtshiro.pojo.SysUser;
import java.util.List;
/**
* @author liuys
* @desc
* @date 2018-07-12 16:51
*/
public interface SysUserService {
/**
* 根据用户id获取权限
* @return
*/
List<SysPermissionNew> selectSysPermissionNewByUserId(String userId);
List<SysRole> selectSysRoleByUserId(String userId);
SysUser login(String username, String password);
List<List<SysPermissionNew>> selectMenusByUserId(String userId);
BaseModel selectSysUserPage(SysUser user);
Integer updateStatusById(SysUser user);
SysUser add(SysUser user);
SysUser selectSysUserById(String id);
SysUser update(SysUser user);
Integer deleteUserById(SysUser user);
SysUser loadByUsername(String username);
Integer updatePwd(SysUser user);
}
package com.xzxtshiro.service.imp;
import com.xzxtshiro.dao.SysDictitemDao;
import com.xzxtshiro.pojo.SysDictitem;
import com.xzxtshiro.service.SysDictitemService;
import net.sf.json.JSONArray;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* @author liuys
* @desc
* @date 2018-07-18 10:42
*/
@Service
public class SysDictitemImpl implements SysDictitemService {
@Autowired
SysDictitemDao sysDictitemDao;
@Override
public JSONArray selectDictitemByCondition(SysDictitem dictitem) {
dictitem.setScbz(0);
List<SysDictitem> dictitems = sysDictitemDao.selectDictitemByCondition(dictitem);
JSONArray dictitemjson = JSONArray.fromObject(dictitems);
return dictitemjson;
}
}
package com.xzxtshiro.service.imp;
import com.xzxtshiro.dao.SysRoleDao;
import com.xzxtshiro.dao.SysUserDao;
import com.xzxtshiro.pojo.*;
import com.xzxtshiro.service.SysUserService;
import com.xzxtshiro.util.Base64PasswordEncrypter;
import com.xzxtshiro.util.MenuUtil;
import com.xzxtshiro.util.SequenceUtil;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
/**
* @author liuys
* @desc
* @date 2018-07-12 17:30
*/
@Service
public class SysUserServiceImpl implements SysUserService {
@Autowired
SysUserDao userDao;
@Autowired
SysRoleDao sysRoleDao;
@Override
public List<SysPermissionNew> selectSysPermissionNewByUserId(String userId) {
return userDao.selectSysPermissionsByUserId(userId);
}
@Override
public List<SysRole> selectSysRoleByUserId(String userId) {
return userDao.selectSysRolesByUserId(userId);
}
@Override
public SysUser login(String username, String password) {
SysUser user = userDao.findByUserName(username);
// 密码匹配的工作交给 Shiro 去完成
if (user == null) {
// 因为缓存切面的原因,在这里就抛出用户名不存在的异常
throw new UnknownAccountException("用户名不存在(生产环境中应该写:用户名和密码的组合不正确)");
} else if (user.getScbz() == 1) {
throw new LockedAccountException("用户已经被禁用,请联系管理员启用该账号");
}
return user;
}
@Override
public List<List<SysPermissionNew>> selectMenusByUserId(String userId) {
List<String> roleIds = userDao.selectSysRoleIdByUserId(userId);
List<SysPermissionNew> permissions = null;
//如果角色id包含,说明当前登录用户拥有超级管理员身份
if (roleIds.contains("6b281f7b1531106578cnv9ejyt4nsc")) {
permissions = userDao.selectAllMenus();
} else {
permissions = userDao.selectMencusByUserId(userId);
}
List<List<SysPermissionNew>> list = null;
if (permissions.size() > 0) {
list = MenuUtil.getMenus(permissions);
}
for (int i = 0; i < list.size(); i++) {
if (list.get(i).size() == 0) {
list.remove(i);
i--;
}
}
return list;
}
@Override
public BaseModel selectSysUserPage(SysUser user) {
//在此可以加条件过滤出需要显示的用户列表,目前暂时不加限制
List<SysUser> data = userDao.selectSysUserByCondition(user);
for (SysUser u:data){
//根据用户id查询用户所拥有的角色
List<SysRole> roleList = sysRoleDao.querySysRoleByUserId(u.getId());
StringBuffer roleNames = new StringBuffer();
for (SysRole role:roleList){
roleNames.append(role.getRolename()+",");
}
u.setRoleNames(roleNames.toString());
}
Integer count = userDao.selectSysUserCountByCondition();
BaseModel userPage = new BaseModel();
userPage.setCount(count);
userPage.setData(data);
return userPage;
}
@Override
public Integer updateStatusById(SysUser user) {
int i = userDao.updateSysUserById(user);
return i;
}
@Override
public SysUser add(SysUser user) {
if (user.getPassword() == null||user.getPassword()=="") {
user.setPassword("000000");
}
//加密密码
String password = user.getPassword();
Base64PasswordEncrypter base = new Base64PasswordEncrypter();
password = base.encryptPassword(password);
user.setPassword(password);
SysUser u = userDao.findByUserName(user.getUsername());
//判断要插入的目标对象是否存在
if (u == null) {
String userId = SequenceUtil.getNextXxzjbh();
user.setId(userId);
user.setLrsj(new Date());
user.setScbz(0);
user.setLrr("admin");
int i = userDao.insert(user);
String roleIds = user.getRoleId();
if(roleIds!=null&&!"".equals(roleIds)){
String[] roleList = roleIds.split(",");
List<SysUserRole> userRoles = new ArrayList<SysUserRole>();
for (String role:roleList){
SysUserRole sysUserRole = new SysUserRole();
sysUserRole.setId(SequenceUtil.getNextXxzjbh());
sysUserRole.setUserId(userId);
sysUserRole.setRoleId(role);
sysUserRole.setLrr("admin");
sysUserRole.setLrsj(new Date());
sysUserRole.setScbz(0);
userRoles.add(sysUserRole);
}
int j = userDao.batchAddSysUserRole(userRoles);
}
} else {
System.out.println("保存失败");
user = new SysUser();
}
return user;
}
@Override
public SysUser selectSysUserById(String id) {
return userDao.selectByPrimaryKey(id);
}
/**
* 除了更新用户的基本信息之外,还需要删除原有的角色与用户的绑定,然后添加新的用户
* 和角色的关系
* @param user
* @return
*/
@Override
public SysUser update(SysUser user) {
//1.首先修改用户的基本信息
user.setGxr("admin");
user.setGxsj(new Date());
user.setPassword(new Base64PasswordEncrypter().encryptPassword(user.getPassword()));
int a = userDao.updateSysUserById(user);
//2.删除原有的角色和用户的绑定关系
int b = userDao.deleteSysUserRoleByUserId(user.getId());
//3.增加新的用户和角色的关系
String roleIds = user.getRoleId();
if(roleIds!=null&&!"".equals(roleIds)){
String[] roleList = roleIds.split(",");
List<SysUserRole> userRoles = new ArrayList<SysUserRole>();
for (String role:roleList){
SysUserRole sysUserRole = new SysUserRole();
sysUserRole.setId(SequenceUtil.getNextXxzjbh());
sysUserRole.setUserId(user.getId());
sysUserRole.setRoleId(role);
sysUserRole.setLrr("admin");
sysUserRole.setLrsj(new Date());
sysUserRole.setScbz(0);
userRoles.add(sysUserRole);
}
int c = userDao.batchAddSysUserRole(userRoles);
}
return user;
}
@Override
public Integer deleteUserById(SysUser user) {
//1.删除用户,此处即将scbz改为1
user.setGxsj(new Date());
user.setGxr("admin");
user.setScbz(1);
int a = userDao.updateSysUserById(user);
//2.删除用户和角色的绑定关系
int b = userDao.deleteSysUserRoleByUserId(user.getId());
if (a + b >= 2) {
return 1;
}else{
return 0;
}
}
@Override
public SysUser loadByUsername(String username) {
return userDao.findByUserName(username);
}
@Override
public Integer updatePwd(SysUser user) {
user.setGxr("admin");
user.setGxsj(new Date());
user.setPassword(new Base64PasswordEncrypter().encryptPassword(user.getPassword()));
int a = userDao.updateSysUserById(user);
return a;
}
}
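Review bot: `add` gives every account created without a password the shared value `"000000"`, and the guard `user.getPassword()==""` compares references, so an empty string bound from the form will normally not match it and is stored as an empty credential instead. Rejecting the request is safer than assigning a known default; at minimum the test should read `if (user.getPassword() == null || user.getPassword().isEmpty())`. `update` and `updatePwd` have a related problem: `encryptPassword` returns `""` for a missing password and that value is passed to `updateSysUserById`; whether the mapper skips empty values is not visible here. In `selectMenusByUserId`, `list` stays `null` when `permissions` is empty and the following `list.size()` then throws; returning `new ArrayList<>()` in that case would avoid it.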
package com.xzxtshiro.shiro.cache;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.Cache;
import org.springframework.cache.CacheManager;
/**
* Created by changchao on 16/9/21.
* 注意:该基础缓存服务类中使用的缓存都是 Spring 框架提供的缓存
*
*/
public class BaseCacheService implements InitializingBean {
/**
* Spring 的 Cache
*/
@Autowired
private CacheManager cacheManager;
private Cache cache;
private String cacheName;
public void setCacheManager(CacheManager cacheManager) {
this.cacheManager = cacheManager;
}
public void setCache(Cache cache) {
this.cache = cache;
}
public void setCacheName(String cacheName) {
this.cacheName = cacheName;
}
/**
* 在所有的属性设置完成以后,
* 属性 cacheName 就非空
* cacheName 这个 String 对象在我们的项目中就是 ehcache.xml 中配置的字符串
* cache 就可以获得一个缓存对象
*
* @throws Exception
*/
@Override
public void afterPropertiesSet() throws Exception {
cache = cacheManager.getCache(cacheName);
}
// 以下是自定义的方法
/**
* 清空缓存中所有的对象
*/
public void clear(){
cache.clear();
}
/**
* 将一个对象放入缓存
* @param key
* @param value
*/
public void put(String key,Object value){
cache.put(key,value);
}
/**
* 将一个对象移出缓存
* @param key
*/
public void evict(String key){
cache.evict(key);
}
/**
* 从缓存中获得一个对象
* @param key
* @return
*/
public Object get(String key){
Cache.ValueWrapper vw = cache.get(key);
if(vw!=null){
return vw.get();
}
return null;
}
}
package com.xzxtshiro.shiro.cache;
import net.sf.ehcache.Ehcache;
import org.apache.commons.io.IOUtils;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCache;
import org.apache.shiro.config.ConfigurationException;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.util.Destroyable;
import org.apache.shiro.util.Initializable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
/**
* Created by changchao on 2017/8/29
*/
public class EhCacheManager implements CacheManager, Initializable, Destroyable {
private static final Logger log = LoggerFactory.getLogger(org.apache.shiro.cache.ehcache.EhCacheManager.class);
protected net.sf.ehcache.CacheManager manager;
private boolean cacheManagerImplicitlyCreated = false;
private String cacheManagerConfigFile = "classpath:org/apache/shiro/cache/ehcache/ehcache.xml";
public EhCacheManager() {
}
public net.sf.ehcache.CacheManager getCacheManager() {
return this.manager;
}
public void setCacheManager(net.sf.ehcache.CacheManager manager) {
this.manager = manager;
}
public String getCacheManagerConfigFile() {
return this.cacheManagerConfigFile;
}
public void setCacheManagerConfigFile(String classpathLocation) {
this.cacheManagerConfigFile = classpathLocation;
}
protected InputStream getCacheManagerConfigFileInputStream() {
String configFile = this.getCacheManagerConfigFile();
InputStream inputStream = null;//new
try {
inputStream = ResourceUtils.getInputStreamForPath(configFile);
byte[] b = IOUtils.toByteArray(inputStream);
InputStream in = new ByteArrayInputStream(b);
return in;
//return ResourceUtils.getInputStreamForPath(configFile);
} catch (IOException var3) {
throw new ConfigurationException("Unable to obtain input stream for cacheManagerConfigFile [" + configFile + "]", var3);
}finally {
IOUtils.closeQuietly(inputStream);
}
}
@Override
public final <K, V> Cache<K, V> getCache(String name) throws CacheException {
if (log.isTraceEnabled()) {
log.trace("Acquiring EhCache instance named [" + name + "]");
}
try {
Ehcache cache = this.ensureCacheManager().getEhcache(name);
if (cache == null) {
if (log.isInfoEnabled()) {
log.info("Cache with name '{}' does not yet exist. Creating now.", name);
}
this.manager.addCache(name);
cache = this.manager.getCache(name);
if (log.isInfoEnabled()) {
log.info("Added EhCache named [" + name + "]");
}
} else if (log.isInfoEnabled()) {
log.info("Using existing EHCache named [" + ((Ehcache) cache).getName() + "]");
}
return new EhCache((Ehcache) cache);
} catch (net.sf.ehcache.CacheException var3) {
throw new CacheException(var3);
}
}
@Override
public final void init() throws CacheException {
this.ensureCacheManager();
}
private net.sf.ehcache.CacheManager ensureCacheManager() {
try {
if (this.manager == null) {
if (log.isDebugEnabled()) {
log.debug("cacheManager property not set. Constructing CacheManager instance... ");
}
this.manager = new net.sf.ehcache.CacheManager(this.getCacheManagerConfigFileInputStream());
if (log.isTraceEnabled()) {
log.trace("instantiated Ehcache CacheManager instance.");
}
this.cacheManagerImplicitlyCreated = true;
if (log.isDebugEnabled()) {
log.debug("implicit cacheManager created successfully.");
}
}
return this.manager;
} catch (Exception var2) {
throw new CacheException(var2);
}
}
@Override
public void destroy() {
if (this.cacheManagerImplicitlyCreated) {
try {
net.sf.ehcache.CacheManager cacheMgr = this.getCacheManager();
cacheMgr.shutdown();
} catch (Exception var2) {
if (log.isWarnEnabled()) {
log.warn("Unable to cleanly shutdown implicitly created CacheManager instance. Ignoring (shutting down)...");
}
}
this.cacheManagerImplicitlyCreated = false;
}
}
}
package com.xzxtshiro.shiro.cache;
import com.xzxtshiro.pojo.SysUser;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.stereotype.Service;
/**
* Created by changchao on 16/9/22.
*/
@Service
@Aspect
@EnableAspectJAutoProxy // 开启 AOP ,作用同 <aop:aspectj-autoproxy/>
public class UserServiceAspect extends BaseCacheService {
private static final Logger logger = LoggerFactory.getLogger(UserServiceAspect.class);
/**
* id 前缀
*/
private String idPrefix = "id-";
/**
* 用户名前缀
*/
private String usernamePrefix = "username-";
public UserServiceAspect(){
this.setCacheName("shiro-userCache");
}
/**
* target 表明只针对某个类实现 AOP 代理
*/
@Pointcut("target(com.xzxtshiro.service.imp.SysUserServiceImpl)")
public void userServicePointcut(){
}
/**
* 增加
* 删除
* 登录的方法
*
* 这三个方法不应该被缓存
*/
@Pointcut("execution(* add(..))|| execution(* update(..)) || execution(* login(..))")
public void userPutPointcut(){
}
/**
* 加载和按照用户名加载的方法要缓存起来
*/
@Pointcut("execution(* load(..)) || execution(* loadByUsername(..))")
public void userReadPointcut(){
}
@Pointcut(value = "execution(* delete(*)) && args(arg)",argNames = "arg")
public void userEvictPointcut(Object arg){
}
/**
* 当执行删除操作的时候的增强逻辑(目前暂时没有提供删除功能)
* @param arg
*/
@After(value = "userServicePointcut() && userEvictPointcut(arg)",argNames = "arg")
public void userEvictAdvice(Object arg){
logger.debug("------ UserServiceAspect ------ 删除增强 ----- 参数 ----- " + arg);
super.evict(idPrefix + arg);
}
/**
* 当发生增加、更新、登录操作的时候缓存一下对象(更新一次缓存)
* @param rel
*/
// 返回通知,可以访问到方法的返回值
// 注意 AfterReturning 配置必须有argNames参数,且参数值和 returning 值一样,
// 这样在织入代码里面便可通过 returning 的值获取被织入函数的返回值。
@AfterReturning(pointcut = "userServicePointcut() && userPutPointcut()",returning = "rel")
public void userPutAdvice(Object rel){
// rel 表示返回值
logger.debug("--- UserService 切面 ----- 返回值 => " + rel);
// 首先使用返回通知访问到这个对象
put((SysUser) rel);
}
/**
* 加载数据的时候的增强逻辑
* @param pjp
* @return
* @throws Throwable
*/
@Around(value = "userServicePointcut() && userReadPointcut()")
public Object userReadPointcut(ProceedingJoinPoint pjp) throws Throwable{
String methodName = pjp.getSignature().getName();
Object[] args = pjp.getArgs();
Object arg = args.length > 0 ? args[0] : null;
String key = null;
boolean isId = false;
if("load".equals(methodName)){
isId = true;
key = idPrefix + arg;
}else if("loadByUsername".equals(methodName)){
key = usernamePrefix + arg;
}
SysUser user = null;
if(isId){
user = (SysUser)super.get(key);
}else {
// 先根据用户名从缓存中找到 id
String idKey = idPrefix + super.get(key);
user = (SysUser) super.get(idKey);
}
if(user!=null){
return user;
}
return pjp.proceed();
}
/**
* 【重要】
* 缓存一个对象的具体流程
* 1、底层永远使用 id 前缀来缓存这个对象;
* 2、通过其它属性访问对象的时候,缓存 id 属性
* @param rel
*/
private void put(SysUser rel){
super.put(idPrefix + rel.getId(),rel);
// 建立了一个 用户名前缀和 id 之间的关系
super.put(usernamePrefix + rel.getUsername(),rel.getId());
}
}
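Review bot: Cached users are never invalidated by the methods that change security state: `userEvictPointcut` matches only a method named `delete`, and `userPutPointcut` matches `update` but not `updatePwd`, `updateStatusById` or `deleteUserById` in SysUserServiceImpl, so `loadByUsername` can keep returning a user with the old password or a removed account. `userPutAdvice` also caches the empty `new SysUser()` that `add` returns for a duplicate username under the key `id-null`, and `userReadPointcut` builds exactly that key when a username is not cached, so later lookups of uncached usernames would get the empty object instead of reaching the DAO. The sketch below evicts on those three methods and skips results without an id; the cache configuration and other callers are outside this view, so treat it as a starting point.

```java
// … unchanged: fields, constructor, userServicePointcut, userPutPointcut, userReadPointcut …
@Pointcut("execution(* deleteUserById(..)) || execution(* updatePwd(..)) || execution(* updateStatusById(..))")
public void userEvictPointcut(){
}

@After(value = "userServicePointcut() && userEvictPointcut() && args(user)", argNames = "user")
public void userEvictAdvice(SysUser user){
    // Only the id entry is dropped; the username entry then points at a missing id and the read falls through.
    super.evict(idPrefix + user.getId());
}

// … unchanged: userPutAdvice, around advice …
private void put(SysUser rel){
    // add() returns an empty SysUser on a duplicate username; never cache it under "id-null".
    if (rel == null || rel.getId() == null) {
        return;
    }
    // … unchanged: the two super.put calls …
}
```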
package com.xzxtshiro.shiro.filter;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Created by changchao on 2018/6/22.
*/
public class PermissionCheckFilter extends AccessControlFilter {
private String errorUrl;
private static final Logger logger = LoggerFactory.getLogger(PermissionCheckFilter.class);
public String getErrorUrl() {
return errorUrl;
}
public void setErrorUrl(String errorUrl) {
this.errorUrl = errorUrl;
}
/**
* 表示是否允许访问 ,如果允许访问返回true,否则false;
* @param servletRequest
* @param servletResponse
* @param o 表示写在拦截器中括号里面的字符串 mappedValue 就是 [urls] 配置中拦截器参数部分
* @return
* @throws Exception
*/
@Override
protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws Exception {
Subject subject = getSubject(servletRequest,servletResponse);
String url = getPathWithinApplication(servletRequest);
logger.debug("当前用户正在访问的 url => " + url+"-------------");
//System.out.println(subject.isPermitted(url));
return subject.isPermitted(url);
}
/**
* onAccessDenied:表示当访问拒绝时是否已经处理了;如果返回 true 表示需要继续处理;如果返回 false 表示该拦截器实例已经处理了,将直接返回即可。
* @param servletRequest
* @param servletResponse
* @return
* @throws Exception
*/
@Override
protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
logger.debug("当 isAccessAllowed 返回 false 的时候,才会执行 method onAccessDenied ");
HttpServletRequest request =(HttpServletRequest) servletRequest;
HttpServletResponse response =(HttpServletResponse) servletResponse;
response.sendRedirect(request.getContextPath() + this.errorUrl);
// 返回 false 表示已经处理,例如页面跳转啥的,表示不在走以下的拦截器了(如果还有配置的话)
return false;
}
}
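Review bot: `isAccessAllowed` makes no distinction between a visitor who is not logged in and a logged-in user who lacks the permission; both get `false` from `subject.isPermitted(url)` and are redirected to `errorUrl`. Unless an authentication filter always runs before this one (the filter chain is not visible here), `onAccessDenied` could start with `if (getSubject(servletRequest, servletResponse).getPrincipal() == null) { saveRequestAndRedirectToLogin(servletRequest, servletResponse); return false; }` so anonymous requests go to the login page and the error page is kept for real authorization failures. `errorUrl` is also concatenated without a null check, so a filter configured without it redirects to a path ending in `null`; failing fast when it is unset would surface the misconfiguration.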
package com.xzxtshiro.shiro.permission;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.util.AntPathMatcher;
import org.apache.shiro.util.PatternMatcher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Created by changchao on 2018/6/22.
*/
public class UrlPermission implements Permission {
private static final Logger logger = LoggerFactory.getLogger(UrlPermission.class);
// 在 Realm 的授权方法中,由数据库查询出来的权限字符串
private String url;
public UrlPermission(String url){
this.url = url;
}
/**
* 一个很重要的方法,用户判断 Realm 中设置的权限和从数据库或者配置文件中传递进来的权限信息是否匹配
* 如果 Realm 的授权方法中,一个认证主体有多个权限,会进行遍历,直到匹配成功为止
* this.url 是在遍历状态中变化的
*
* urlPermission.url 是从 subject.isPermitted(url)
* 传递到 UrlPermissionResolver 中传递过来的,就一个固定值
*
* @param permission
* @return
*/
@Override
public boolean implies(Permission permission) {
if(!(permission instanceof UrlPermission)){
return false;
}
//
UrlPermission urlPermission = (UrlPermission)permission;
PatternMatcher patternMatcher = new AntPathMatcher();
logger.debug("this.url(来自数据库中存放的通配符数据),在 Realm 的授权方法中注入的 => " + this.url);
logger.debug("urlPermission.url(来自浏览器正在访问的链接) => " + urlPermission.url);
boolean matches = patternMatcher.matches(this.url,urlPermission.url);
logger.debug("matches => " + matches);
return matches;
}
}
package com.xzxtshiro.shiro.permission;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.permission.PermissionResolver;
import org.apache.shiro.authz.permission.WildcardPermission;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Created by changchao on 2018/6/22.
*/
public class UrlPermissionResolver implements PermissionResolver {
private static final Logger logger = LoggerFactory.getLogger(UrlPermissionResolver.class);
/**
* 经过调试发现
* subject.isPermitted(url) 中传入的字符串
* 和自定义 Realm 中传入的权限字符串集合都要经过这个 resolver
* @param s
* @return
*/
@Override
public Permission resolvePermission(String s) {
logger.debug("s => " + s);
if(s.startsWith("/")){
return new UrlPermission(s);
}
return new WildcardPermission(s);
}
}
package com.xzxtshiro.shiro.realm;
import com.xzxtshiro.pojo.SysPermissionNew;
import com.xzxtshiro.pojo.SysRole;
import com.xzxtshiro.pojo.SysUser;
import com.xzxtshiro.service.SysUserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
/**
* Created by changchao on 2018/6/22.
*/
public class MyRealm extends AuthorizingRealm {
private static final Logger logger = LoggerFactory.getLogger(MyRealm.class);
@Autowired
private SysUserService userService;
/**
* 授权
*
* @param principalCollection
* @return
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
logger.info("--- MyRealm doGetAuthorizationInfo ---");
System.out.println("--- MyRealm doGetAuthorizationInfo ---");
// 获得经过认证的主体信息
SysUser user = (SysUser) principalCollection.getPrimaryPrincipal();
String userId = user.getId();
List<SysPermissionNew> permissions = userService.selectSysPermissionNewByUserId(userId);
List<SysRole> sysRoles = userService.selectSysRoleByUserId(userId);
List<String> roleSns = new ArrayList<String>();
for (SysRole role:sysRoles){
roleSns.add(role.getRolename());
}
List<String> resStrList = new ArrayList<>();
for (SysPermissionNew permission : permissions) {
if (permission != null) {
if(permission.getUrl()!=null){
resStrList.add(permission.getUrl());
}
}
}
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.setRoles(new HashSet<>(roleSns));
info.setStringPermissions(new HashSet<>(resStrList));
// 以上完成了动态地对用户授权
logger.debug("role => " + roleSns);
logger.debug("permission => " + resStrList);
logger.info("role => " + roleSns);
logger.info("permission => " + resStrList);
return info;
}
/**
* 认证
*
* @param authenticationToken
* @return
* @throws AuthenticationException
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
logger.info("--- MyRealm doGetAuthenticationInfo ---");
System.out.println("--- MyRealm doGetAuthenticationInfo ---");
String username = authenticationToken.getPrincipal().toString();
String password = new String((char[]) authenticationToken.getCredentials());
System.out.println("--- 1111111111111111111Password ---"+password);
// 以后我们使用 Spring 管理 Shiro 的时候,就不必要这样得到 UserService 了
// userService = (IUserService) InitServlet.getBean("userService");
// User user = userService.login(username,password);
// 这里应该使用 load 方法,比对用户名的密码的环节应该交给 Shiro 这个框架去完成
// 在测试调试的时候发现,这里还是应该使用 login 判断,因为登录不成功的原因有很多,
// 可以在登录的逻辑里面抛出各种异常
// 再到 subject.login(token) 里面去捕获对应的异常
// 显示不同的消息到页面上
SysUser user = userService.login(username, password);
System.out.println("user***********************************"+user);
if (user != null) {
// 第 1 个参数可以传一个实体对象,然后在认证的环节可以取出
// 第 2 个参数应该传递在数据库中“正确”的数据,然后和 token 中的数据进行匹配
// SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, user.getPassword(), getName());
// 设置盐值
// info.setCredentialsSalt(ByteSource.Util.bytes(username.getBytes()));
System.out.println("password+++++++++++++++++++++++++++++=="+user.getPassword());
String realmName = getName();
//4). 盐值.
ByteSource credentialsSalt = ByteSource.Util.bytes(username);
SimpleAuthenticationInfo info = null; //new SimpleAuthenticationInfo(principal, credentials, realmName);
info = new SimpleAuthenticationInfo(user, user.getPassword(), credentialsSalt, realmName);
return info;
}
return null;
}
@Override
protected void clearCachedAuthenticationInfo(PrincipalCollection principals) {
Cache c = getAuthenticationCache();
logger.info("清除【认证】缓存之前");
for (Object o : c.keys()) {
logger.info(o + " , " + c.get(o));
}
super.clearCachedAuthenticationInfo(principals);
logger.info("调用父类清除【认证】缓存之后");
for (Object o : c.keys()) {
logger.info(o + " , " + c.get(o));
}
// 添加下面的代码清空【认证】的缓存
SysUser user = (SysUser) principals.getPrimaryPrincipal();
SimplePrincipalCollection spc = new SimplePrincipalCollection(user.getUsername(), getName());
super.clearCachedAuthenticationInfo(spc);
logger.info("添加了代码清除【认证】缓存之后");
int cacheSize = c.keys().size();
logger.info("【认证】缓存的大小:" + c.keys().size());
if (cacheSize == 0) {
logger.info("说明【认证】缓存被清空了。");
}
}
@Override
protected void clearCachedAuthorizationInfo(PrincipalCollection principals) {
logger.info("清除【授权】缓存之前");
Cache c = getAuthorizationCache();
for (Object o : c.keys()) {
logger.info(o + " , " + c.get(o));
}
super.clearCachedAuthorizationInfo(principals);
logger.info("清除【授权】缓存之后");
int cacheSize = c.keys().size();
logger.info("【授权】缓存的大小:" + cacheSize);
for (Object o : c.keys()) {
logger.info(o + " , " + c.get(o));
}
if (cacheSize == 0) {
logger.info("说明【授权】缓存被清空了。");
}
}
}
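Review bot: `doGetAuthenticationInfo` writes the submitted password in clear text to stdout (`System.out.println("--- 1111111111111111111Password ---"+password)`), followed by the whole `SysUser` and the stored credential (`"password+++…"+user.getPassword()`), so every login attempt leaves credentials in the container output. These three `println` calls should be deleted rather than moved to the logger; the two banner `println`s duplicate the `logger.info` lines next to them. `doGetAuthorizationInfo` and the two `clearCached…` overrides log each user's roles, permissions and cache entries at `info`, which `debug` would cover. If CustomCredentialsMatcher from this commit is the configured matcher, the salt passed to `SimpleAuthenticationInfo` has no effect, because that matcher compares Base64 strings and never reads it.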
/*File: Base64PasswordEncrypter.java
* date 2013-8-22
*/
package com.xzxtshiro.util;
import org.apache.commons.codec.binary.Base64;
import sun.misc.BASE64Encoder;
/**
* <p>Title: Base64PasswordEncrypter.java</p>
* <p>Description: Base64�����㷨</p>
* <p>Copyright: HIGHLAND'S Copyright (c) 2013</p>
* <p>Company: HIGHLAND</p>
* @author highland_team_Luojx
* @date 2013-8-22
* @version 1.0
*/
public class Base64PasswordEncrypter implements IPasswordEncrypter {
public String encryptPassword(String password) {
String encodeTxt = "";
if ((password != null) && (password.length() > 0)) {
encodeTxt = new BASE64Encoder().encode(password.getBytes());
}
return encodeTxt;
}
public boolean isPasswordValid(String password, String encryptedPassword) {
if (encryptedPassword == null) {
throw new IllegalArgumentException(
"encryptedPassword cannot be null");
}
if (password == null) {
password = "";
}
return encryptedPassword.equals(encryptPassword(password));
}
public String encryptPassword(String userName, String password) {
return null;
}
public String decryptPassword(String encodeTxt) {
String password=null;
try{
password =new String(Base64.decodeBase64(encodeTxt.getBytes("UTF-8")),"UTF-8");
}catch(Exception e){
e.printStackTrace();
}
return password;
}
public String grpDecrypt(String s, String s1) {
return null;
}
}
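Review bot: `encryptPassword` is plain Base64 encoding, not a hash, so every stored credential can be turned back into the password, which `decryptPassword` in this same class does. `CustomCredentialsMatcher` compares against this value, and the Spring config in this commit comments out the `HashedCredentialsMatcher` bean in favour of it. Stored passwords should use a salted, iterated one-way hash. If the existing 3.0 data forces Base64 for now, record that in a class comment such as `// Base64 is an encoding, not encryption: stored values are recoverable; kept only for compatibility with legacy data`. Separately, `password.getBytes()` encodes with the platform default charset while `decryptPassword` decodes as UTF-8, and `sun.misc.BASE64Encoder` is an internal JDK class; the already imported commons-codec `Base64` with an explicit UTF-8 charset would cover both.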
package com.xzxtshiro.util;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
/**
* @author liuys
* @desc
* @date 2018-07-13 10:56
*/
public class CustomCredentialsMatcher extends SimpleCredentialsMatcher {
@Override
public boolean doCredentialsMatch(AuthenticationToken authcToken, AuthenticationInfo info) {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
String password = new String((char[]) authcToken.getCredentials());
Object accountCredentials = getCredentials(info);
String pwdUser =new Base64PasswordEncrypter().encryptPassword(password) ;
//将密码加密与系统加密后的密码校验,内容一致就返回true,不一致就返回false
return equals(pwdUser, accountCredentials);
}
}
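Review bot: `new String((char[]) authcToken.getCredentials())` throws a NullPointerException when the token carries no password, and the cast `token` on the line above is never used. Reading the password from the typed token and failing closed is safer: `char[] chars = token.getPassword();` followed by `if (chars == null) { return false; }`. The salt that the realm passes into `SimpleAuthenticationInfo` (`ByteSource.Util.bytes(username)`) is not consulted by this matcher, so it has no effect on the comparison. A short class comment should say that the match is on the Base64-encoded form of the submitted password.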
/*File: IPasswordEncrypter.java
* date 2013-8-22
*/
package com.xzxtshiro.util;
/**
* <p>Title: IPasswordEncrypter.java</p>
* <p>Description: 系统加密标准接口,需要加密的业务都实现此接口</p>
* <p>Copyright: HIGHLAND'S Copyright (c) 2013</p>
* <p>Company: HIGHLAND</p>
* @author highland_team_Luojx
* @date 2013-8-22
* @version 1.0
*/
public abstract interface IPasswordEncrypter {
public abstract String encryptPassword(String paramString);
public abstract String encryptPassword(String paramString1, String paramString2);
public abstract boolean isPasswordValid(String paramString1, String paramString2);
public abstract String grpDecrypt(String paramString1, String paramString2);
public abstract String decryptPassword(String encodeTxt);
}
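Review bot: The parameter names `paramString1` and `paramString2` hide which argument is which, and for `isPasswordValid` the order matters. The implementation in this commit takes `(password, encryptedPassword)`, so the interface should declare `boolean isPasswordValid(String password, String encryptedPassword);` and likewise `String encryptPassword(String userName, String password);`. `abstract` on the interface and `public abstract` on its methods are redundant and can be dropped. Each method would benefit from a one-line Javadoc stating whether it may return null, since `Base64PasswordEncrypter` returns null from the two-argument `encryptPassword` and from `grpDecrypt`.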
package com.xzxtshiro.util;
import com.xzxtshiro.pojo.SysPermissionNew;
import java.util.ArrayList;
import java.util.List;
/**
* @author changchao
* @desc
* @date 2017/10/26 11:36
*/
public class MenuUtil {
public static List<List<SysPermissionNew>> getMenus(List<SysPermissionNew> resources) {
//系统菜单列表
List<SysPermissionNew> adminList = new ArrayList<>();
//监控菜单列表
List<SysPermissionNew> monitorList = new ArrayList<>();
//预警菜单列表
List<SysPermissionNew> warningList = new ArrayList<>();
//分析菜单列表
List<SysPermissionNew> analysisList = new ArrayList<>();
//决策菜单列表
List<SysPermissionNew> decidingList = new ArrayList<>();
//菜单列表集合
List<List<SysPermissionNew>> list = new ArrayList<>();
SysPermissionNew menu = new SysPermissionNew();
for (SysPermissionNew resource : resources) {
System.out.println(resource.getId()+"======================"+resource.getPid());
if ("0".equals(resource.getPid())) {
System.out.println(resource.getId()+"高级++++++++++++++++++++"+resource.getPid());
menu.setMenuname(resource.getMenuname());
menu.setId(resource.getId());
menu.setUrl(resource.getUrl());
menu.setZindex(resource.getZindex());
menu.setPid(resource.getPid());
menu.setType(resource.getType());
menu.setChildMenu(getMenus(resource.getId(), resources));
System.out.println(resource.getId()+"类型+++++++++++++++++++"+resource.getType());
if ("00".equals(menu.getType())) {
System.out.println("进入增加流程");
//权限相关菜单
adminList.add(menu);
} else if ("01".equals(menu.getType())) {
//命案菜单,邢专中按照type去区分菜单类型,暂定01为命案菜单
// monitorList.add(menu);
}
}
menu = new SysPermissionNew();
}
list.add(monitorList);
list.add(warningList);
list.add(analysisList);
list.add(decidingList);
list.add(adminList);
return list;
}
public static List<SysPermissionNew> getMenus(String id, List<SysPermissionNew> resources) {
System.out.println("进入递归");
List<SysPermissionNew> lists = new ArrayList<>();
for (SysPermissionNew resource : resources) {
SysPermissionNew menu = new SysPermissionNew();
String parantid = resource.getPid();
if (id.equals(parantid)) {
menu.setMenuname(resource.getMenuname());
menu.setId(resource.getId());
menu.setUrl(resource.getUrl());
menu.setZindex(resource.getZindex());
menu.setPid(resource.getPid());
menu.setType(resource.getType());
menu.setChildMenu(getMenus(resource.getId(), resources));
lists.add(menu);
}
}
return lists;
}
}
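Review bot: Both `getMenus` overloads write debug output with `System.out.println`, including every permission id, pid and type on each menu build. These lines should be removed or routed through a logger at debug level. In the first overload the `else if ("01".equals(menu.getType()))` branch contains only the commented-out `monitorList.add(menu)`, so type 01 menus are silently dropped and four of the five returned lists are always empty. If that is intentional for now, say so in a comment, for example `// type 01 (homicide) menus are not exposed yet; monitorList stays empty`. In the recursive overload, `id.equals(parantid)` throws if a resource has a null id; `java.util.Objects.equals(id, parantid)` avoids that.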
package com.xzxtshiro.util;
import com.xzxtshiro.pojo.SysUser;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
/**
* @author changchao
* @desc Shiro管理下的Token工具类
* @date 2017/10/25 11:31
*/
public class TokenUtil {
/**
* 登录
*
* @param
* @param user
* @param rememberMe @return
*/
public static SysUser login(SysUser user, boolean rememberMe) {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(user.getUsername(), user.getPassword());
//token.setRememberMe(rememberMe);
// rememberme
System.out.println("token==================================="+token);
token.setRememberMe(true);
subject.login(token);
return getUser();
}
/**
* 获取当前登录的用户User对象
*
* @return
*/
public static SysUser getUser() {
return (SysUser) SecurityUtils.getSubject().getPrincipal();
}
}
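Review bot: `login` ignores its `rememberMe` argument and always calls `token.setRememberMe(true)`, so every login is issued a remember-me cookie whatever the caller asked for. The Spring config in this commit gives that cookie a 30-day `maxAge`. Restoring the commented-out line `token.setRememberMe(rememberMe);` and deleting the hard-coded call fixes this. The `System.out.println("token===..." + token)` line should also go, because it writes the login name to stdout on every attempt. The Javadoc has an empty `@param` and a stray `@return` on the `rememberMe` line; it should describe `user`, `rememberMe` and the returned principal.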
package com.xzxtshiro.util;
import com.xzxtshiro.pojo.SysUser;
/**
* @author liuys
* @desc
* @date 2018-07-13 10:28
*/
public class passwordTest {
public static void main(String[] args){
Base64PasswordEncrypter base = new Base64PasswordEncrypter();
System.out.println(base.encryptPassword("123456"));
}
}
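Review bot: This is a scratch `main` committed to the production `com.xzxtshiro.util` package. It belongs under the test sources as a real test, or should be dropped. The `SysUser` import is unused and the class name `passwordTest` breaks the UpperCamelCase convention used by the other classes in this commit. If it stays, an assertion on the expected encoding would make it a check rather than a print statement.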
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd">
<!-- 缓存管理器 使用Ehcache实现 begin -->
<!-- 配置 Spring 的 EhCacheCacheManager,须要 spring-context-support 的支持 -->
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager">
<property name="cacheManager" ref="ehCacheManagerFactoryBean"/>
</bean>
<!-- 配置 Spring 的 EhCacheManagerFactoryBean ,须要 spring-context-support 的支持 -->
<bean id="ehCacheManagerFactoryBean"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
<property name="configLocation" value="classpath:resource/ehcache.xml"/>
</bean>
<!-- 缓存管理器 使用Ehcache实现 end -->
<!-- 凭证匹配器 begin-->
<!-- 声明一个密码匹配器 -->
<!--<bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
&lt;!&ndash; 设置该密码匹配器使用的算法是 md5 &ndash;&gt;
<property name="hashAlgorithmName" value="md5"/>&lt;!&ndash;指定hash算法为MD5;&ndash;&gt;
<property name="hashIterations" value="1024"></property>
&lt;!&ndash;<property name="hashIterations" value="2"/>&lt;!&ndash;指定散列次数为2次&ndash;&gt;
<property name="storedCredentialsHexEncoded" value="true"/>&lt;!&ndash;指定Hash散列值使用Hex加密存储;value="false"表明hash散列值用用Base64-encoded存储.&ndash;&gt;
&lt;!&ndash;详见http://blog.csdn.net/lookthatgirl/article/details/37593869&ndash;&gt;&ndash;&gt;
</bean>-->
<!-- 凭证匹配器 -->
<bean id="credentialsMatcher" class="com.xzxtshiro.util.CustomCredentialsMatcher">
</bean>
<!-- 凭证匹配器 end-->
<!-- 自定义一个权限匹配器 begin -->
<bean id="permissionResolver" class="com.xzxtshiro.shiro.permission.UrlPermissionResolver"/>
<!-- 自定义一个权限匹配器 end -->
<!-- Realm实现 begin-->
<!-- 声明一个自定义的 Realm -->
<bean id="myRealm" class="com.xzxtshiro.shiro.realm.MyRealm">
<!-- 将上面声明的密码匹配器注入到自定义 Realm 的属性中去 -->
<property name="credentialsMatcher" ref="credentialsMatcher"/>
<!-- 将自定义的权限匹配器注入到自定义 Realm 中 -->
<property name="permissionResolver" ref="permissionResolver"/>
<!-- 配置缓存相关 -->
<!-- 启用缓存 -->
<property name="cachingEnabled" value="true"/>
<!-- 开启认证缓存 -->
<property name="authenticationCachingEnabled" value="true"/>
<!-- 指定认证缓存的名字(与 ehcache.xml 中声明的相同) -->
<property name="authenticationCacheName" value="shiro-authenticationCache"/>
<!--开启授权缓存 -->
<property name="authorizationCachingEnabled" value="true"/>
<!-- 指定授权缓存的名字(与 ehcache.xml 中声明的相同) -->
<property name="authorizationCacheName" value="shiro-authorizationCache"/>
</bean>
<!-- Realm实现 end-->
<!--回话管理 begin-->
<!-- 会话ID生成器 -->
<bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
<!-- 会话Cookie模板 -->
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="sid"/>
<property name="httpOnly" value="true"/>
<property name="maxAge" value="-1"/>
</bean>
<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="rememberMe"/>
<property name="httpOnly" value="true"/>
<property name="maxAge" value="2592000"/><!-- 30天 -->
</bean>
<!-- rememberMe管理器 -->
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<!-- rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)-->
<property name="cipherKey"
value="#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsdag==')}"/>
<property name="cookie" ref="rememberMeCookie"/>
</bean>
<!-- 会话DAO -->
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="activeSessionsCacheName" value="shiro-activeSessionCache"/>
<property name="sessionIdGenerator" ref="sessionIdGenerator"/>
</bean>
<!-- 会话验证调度器 -->
<bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
<property name="sessionValidationInterval" value="1800000"/>
<property name="sessionManager" ref="sessionManager"/>
</bean>
<!-- 会话管理器 -->
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="globalSessionTimeout" value="1800000"/>
<property name="deleteInvalidSessions" value="true"/>
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
<property name="sessionDAO" ref="sessionDAO"/>
<property name="sessionIdCookieEnabled" value="true"/>
<property name="sessionIdCookie" ref="sessionIdCookie"/>
</bean>
<!--回话管理 end-->
<!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
<property name="arguments" ref="securityManager"/>
</bean>
<!-- 基于Form表单的身份验证过滤器 -->
<bean id="formAuthenticationFilter" class="org.apache.shiro.web.filter.authc.FormAuthenticationFilter">
<property name="usernameParam" value="username"/>
<property name="passwordParam" value="password"/>
<property name="rememberMeParam" value="rememberMe"/>
<property name="loginUrl" value="/login"/>
</bean>
<!-- 配置 shiro 的 ehcache 缓存相关,这个缓存只和 Realm 相关 begin -->
<!--重写EhCacheManager,关闭流-->
<!--<bean id="ehCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"></bean>-->
<bean id="ehCacheManager" class="com.xzxtshiro.shiro.cache.EhCacheManager"></bean>
<!-- 配置 shiro 的 ehcache 缓存相关,这个缓存只和 Realm 相关 end -->
<!-- 配置安全管理器 begin -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<!-- 设置安全管理器的安全数据源为自定义的 Realm -->
<property name="realm" ref="myRealm"/>
<property name="cacheManager" ref="ehCacheManager"/>
<property name="sessionManager" ref="sessionManager"/>
<property name="rememberMeManager" ref="rememberMeManager"/>
</bean>
<!-- 配置安全管理器 end-->
<!-- 声明一个自定义的过滤器 begin -->
<bean id="resourceCheckFilter" class="com.xzxtshiro.shiro.filter.PermissionCheckFilter">
<!-- 为上面声明的自定义过滤器注入属性值 -->
<property name="errorUrl" value="/unAuthorization"/>
</bean>
<!-- 声明一个自定义的过滤器 end -->
<!-- Shiro的Web过滤器 begin-->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<!-- 如果认证不通过,浏览器通过 Get 方式请求到 /login 上 -->
<property name="loginUrl" value="/login"/>
<property name="unauthorizedUrl" value="/unAuthorization"/>
<property name="filters">
<util:map>
<entry key="authc" value-ref="formAuthenticationFilter"/>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/admin/**=user,resourceCheckFilter
/login=anon
/logout = logout
</value>
</property>
</bean>
<!-- Shiro的Web过滤器 end-->
<!-- Shiro生命周期处理器 begin-->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<!-- Shiro生命周期处理器 end-->
</beans>
\ No newline at end of file
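Review bot: The `cipherKey` on `rememberMeManager` is a literal committed to the repository, and this Base64 value also appears in widely copied Shiro sample configurations, so it should be treated as publicly known. Anyone holding the key can produce a rememberMe cookie that the server will decrypt and deserialize, and the `/admin/**=user,resourceCheckFilter` chain admits remembered subjects. Generate a random key per deployment, inject it from configuration kept outside the repository, e.g. `value="#{T(org.apache.shiro.codec.Base64).decode('${REMEMBERME_KEY_PLACEHOLDER}')}"` (placeholder property name), and rotate the current one. The comment beside it lists key lengths of 128, 256 and 512 bits, but AES keys are 128, 192 or 256 bits. Neither `sessionIdCookie` nor `rememberMeCookie` sets `secure`, which is worth adding if the site is served over HTTPS.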
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html> <html>
<head> <head>
...@@ -32,8 +33,8 @@ ...@@ -32,8 +33,8 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户姓名</label> <label class="layui-form-label">用户姓名</label>
<div class="layui-input-inline"> <div class="layui-input-inline">
<input type="text" name="staffname" required lay-verify="required" placeholder="" autocomplete="off" <input type="text" name="trueName" required lay-verify="required" placeholder="" autocomplete="off"
value="${user.staffname}" readonly class="layui-input"> value="${user.trueName}" readonly class="layui-input">
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
...@@ -46,15 +47,30 @@ ...@@ -46,15 +47,30 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">所属部门</label> <label class="layui-form-label">所属部门</label>
<div class="layui-input-inline"> <div class="layui-input-inline">
<input type="text" name="deptname" required lay-verify="pwd" placeholder="请输入旧密码" autocomplete="off" <input type="text" name="unitname" required lay-verify="pwd" placeholder="请输入旧密码" autocomplete="off"
value="${user.deptname}" readonly class="layui-input"> value="${user.unitname}" readonly class="layui-input">
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户角色</label> <label class="layui-form-label">用户等级</label>
<div class="layui-input-inline"> <div class="layui-input-inline">
<input type="text" id="npwd" name="rolename" required lay-verify="pwd" placeholder="请输入新密码" <c:if test="${user.grade=='X'}">
value="${user.rolename}" readonly autocomplete="off" class="layui-input"> <input type="text" name="grade" required lay-verify="pwd"
value="县级" readonly autocomplete="off" class="layui-input">
</c:if>
<c:if test="${user.grade=='D'}">
<input type="text" name="grade" required lay-verify="pwd"
value="地市级" readonly autocomplete="off" class="layui-input">
</c:if>
<c:if test="${user.grade=='S'}">
<input type="text" name="grade" required lay-verify="pwd"
value="省级" readonly autocomplete="off" class="layui-input">
</c:if>
<c:if test="${user.grade=='T'}">
<input type="text" name="grade" required lay-verify="pwd"
value="特级" readonly autocomplete="off" class="layui-input">
</c:if>
</div> </div>
</div> </div>
</form> </form>
......
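Review bot: The renamed fields still write EL straight into attribute values, e.g. `value="${user.trueName}"` and `value="${user.unitname}"`, and JSP EL is not HTML-escaped, so a stored name containing a quote or markup breaks out of the attribute. The core taglib is now imported at the top of this file, so `value="<c:out value='${user.trueName}'/>"` is available. The same pattern is in the user add and user update sections of this commit (`${user.username}`, `${user.identitycard}`). The four near-identical `<c:if>` blocks for `grade` would read better as one `<c:choose>` that sets the label, followed by a single `<input>`. `lay-verify="pwd"` on these read-only fields, and the "old password" placeholder on the unit field, look like leftovers from the password form.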
...@@ -68,6 +68,19 @@ ...@@ -68,6 +68,19 @@
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">权限类型</label>
<div class="layui-input-block">
<select id="type" name="type" lay-verify="" lay-filter="type">
<option value="">请选择</option>
<option value="00">权限中心</option>
<option value="01">命案</option>
<option value="02">盗窃</option>
<option value="03">未知名尸体</option>
<option value="04">盗抢车辆</option>
</select>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">父级权限</label> <label class="layui-form-label">父级权限</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="text" name="pidName" id="pidName" lay-verify="required" <input type="text" name="pidName" id="pidName" lay-verify="required"
......
...@@ -70,6 +70,19 @@ ...@@ -70,6 +70,19 @@
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">权限类型</label>
<div class="layui-input-block">
<select id="type" name="type" lay-verify="" lay-filter="type">
<option value="">请选择</option>
<option value="00">权限中心</option>
<option value="01">命案</option>
<option value="02">盗窃</option>
<option value="03">未知名尸体</option>
<option value="04">盗抢车辆</option>
</select>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">父级权限</label> <label class="layui-form-label">父级权限</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="text" name="pidName" id="pidName" lay-verify="required" <input type="text" name="pidName" id="pidName" lay-verify="required"
...@@ -121,6 +134,10 @@ ...@@ -121,6 +134,10 @@
if (msg.length != "") { if (msg.length != "") {
layer.msg(msg, {icon: 5}); layer.msg(msg, {icon: 5});
} }
//设置角色类型
var type = "${permission.type}";
$("#type").val(type);
form.render('select');
var data = ${parantMenus}; var data = ${parantMenus};
var zNodes =[]; var zNodes =[];
var bool; var bool;
......
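Review bot: `var type = "${permission.type}";` puts a server value inside a JavaScript string literal without escaping, so a value containing a quote or `</script>` would end the literal. Rendering it into an attribute and reading it from there is safer, e.g. `data-selected="<c:out value='${permission.type}'/>"` on the `<select>` and `$("#type").val($("#type").attr("data-selected"));`, assuming the core taglib is imported in this file. The existing `var data = ${parantMenus};` below it and the new `var data = ${unit};` and `data = ${role};` in the user add page emit server data as raw script in the same way. Those are only safe if the controller serializes them with a JSON encoder that escapes `<` and `/`, which is not visible here.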
...@@ -41,13 +41,13 @@ ...@@ -41,13 +41,13 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户姓名</label> <label class="layui-form-label">用户姓名</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="text" name="staffname" lay-verify="required" placeholder="请输入用户姓名" <input type="text" name="trueName" lay-verify="required" placeholder="请输入用户姓名"
value="${user.staffname}" value="${user.trueName}"
class="layui-input"> class="layui-input">
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">登录名</label> <label class="layui-form-label">用户账号</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="text" name="username" lay-verify="required" placeholder="请输入员工工号" <input type="text" name="username" lay-verify="required" placeholder="请输入员工工号"
value="${user.username}" value="${user.username}"
...@@ -57,49 +57,87 @@ ...@@ -57,49 +57,87 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">登录密码</label> <label class="layui-form-label">登录密码</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="password" name="password" placeholder="默认密码000000" <input type="password" name="password" placeholder="请输入密码"
class="layui-input"> class="layui-input">
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">所属部门</label> <label class="layui-form-label">密码确认</label>
<div class="layui-input-block"> <div class="layui-input-block">
<select name="deptId" lay-verify="required" lay-search=""> <input type="password" name="repassword" placeholder="请输入确认密码"
<option value="">请输入或选择部门</option> class="layui-input">
<c:forEach items="${depts}" var="dept"> </div>
<c:if test="${user.deptId==dept.id}"> </div>
<option value="${dept.id}" selected>${dept.name}</option> <div class="layui-form-item">
</c:if> <label class="layui-form-label">身份证号码</label>
<c:if test="${user.deptId!=dept.id}"> <div class="layui-input-block">
<option value="${dept.id}">${dept.name}</option> <input type="text" name="identitycard" placeholder="请输入身份证号"
</c:if> class="layui-input">
</c:forEach> </div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">联系电话</label>
<div class="layui-input-block">
<input type="text" name="telephone" placeholder="请输入联系电话"
class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户警号</label>
<div class="layui-input-block">
<input type="text" name="policemanid" placeholder="请输入警号"
class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户等级</label>
<div class="layui-input-block">
<select id="grade" name="grade" lay-verify="" lay-filter="type">
<option value="">请选择</option>
<option value="X">县级</option>
<option value="D">地市级</option>
<option value="S">省级</option>
<option value="T">特级</option>
</select> </select>
</div> </div>
</div> </div>
<div class="layui-form-item">
<label class="layui-form-label">所属单位</label>
<div class="layui-input-block">
<input type="text" name="unitname" id="unitname" lay-verify="required"
class="layui-input">
<input type="text" id="unitcode" Name="unitcode" style="display: none;">
<span class="layui-btn" id="checkPer" onclick="checkTree('myUnitTree');">选择单位</span>
<div id="myUnitTree" style="display: none">
<ul id="unit" class="ztree"></ul>
</div>
</div>
</div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户角色</label> <label class="layui-form-label">用户角色</label>
<div class="layui-input-block"> <div class="layui-input-block">
<c:forEach items="${roles}" var="role" varStatus="idxStatus"> <input type="text" name="roleName" id="roleName" lay-verify="required"
<c:if test="${idxStatus.index==0 or user.roleId==role.id}"> class="layui-input">
<input type="radio" name="roleId" value="${role.id}" title="${role.name}" checked> <input type="text" id="roleId" Name="roleId" style="display: none;">
</c:if> <span class="layui-btn" id="checkRolePid" onclick="checkTree('myRoleTree');">选择角色</span>
<c:if test="${ idxStatus.index!=0 and user.roleId!=role.id}"> <div id="myRoleTree" style="display: none">
<input type="radio" name="roleId" value="${role.id}" title="${role.name}"> <ul id="roleTree" class="ztree"></ul>
</c:if>
</c:forEach>
</div> </div>
</div> </div>
</div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户状态</label> <label class="layui-form-label">用户状态</label>
<div class="layui-input-block"> <div class="layui-input-block">
<c:if test="${user.status==0 or user.status==null}"> <c:if test="${user.openFlag==0 or user.openFlag==null}">
<input type="radio" name="status" value="0" title="已禁用" checked> <input type="radio" name="openFlag" value="0" title="已禁用" checked>
<input type="radio" name="status" value="1" title="已启用"> <input type="radio" name="openFlag" value="1" title="已启用">
</c:if> </c:if>
<c:if test="${user.status==1}"> <c:if test="${user.openFlag==1}">
<input type="radio" name="status" value="0" title="已禁用"> <input type="radio" name="openFlag" value="0" title="已禁用">
<input type="radio" name="status" value="1" title="已启用" checked> <input type="radio" name="openFlag" value="1" title="已启用" checked>
</c:if> </c:if>
</div> </div>
</div> </div>
...@@ -115,7 +153,6 @@ ...@@ -115,7 +153,6 @@
</div> </div>
<span hidden id="msg">${msg}</span> <span hidden id="msg">${msg}</span>
<script src="${pageContext.request.contextPath}/resources/layui/layui.js"></script> <script src="${pageContext.request.contextPath}/resources/layui/layui.js"></script>
<script src="${pageContext.request.contextPath}/resources/jquery-3.1.0.min.js"></script>
<script> <script>
layui.use(['element', 'form', 'jquery'], function () { layui.use(['element', 'form', 'jquery'], function () {
var form = layui.form, var form = layui.form,
...@@ -131,6 +168,7 @@ ...@@ -131,6 +168,7 @@
//监听提交 //监听提交
form.on('submit(rulesSubmit)', function (data) { form.on('submit(rulesSubmit)', function (data) {
//提交表单 //提交表单
}); });
//弹出层 //弹出层
...@@ -138,6 +176,20 @@ ...@@ -138,6 +176,20 @@
if (msg.length!=""){ if (msg.length!=""){
layer.msg(msg, {icon: 5}); layer.msg(msg, {icon: 5});
} }
var data = ${unit};
var zNodes =[];
for (var i=0;i<data.length;i++){
zNodes.push({id:data[i].codeStr,pId:data[i].pid,name:data[i].name,open:false,file:"core/simpleData"});
}
setTree(zNodes,"unit","nocheck","unitcode","unitname");
data = ${role};
var zNodes =[];
for (var i=0;i<data.length;i++){
zNodes.push({id:data[i].id,pId:data[i].pid,name:data[i].rolename,open:false,file:"core/simpleData"});
}
setTree(zNodes,"roleTree","check","roleId","roleName");
}); });
</script> </script>
......
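Review bot: The new `password` and `repassword` inputs have no `lay-verify` rule, and the `form.on('submit(rulesSubmit)')` handler shown in this section is an empty stub, so nothing visible rejects an empty password or a mismatch. Adding `lay-verify="required"` to both and a `form.verify` rule that compares them covers the client side. The controller is outside this page; it must repeat the check and also validate `grade`, `roleId` and `unitcode`, because hidden or select inputs are fully client-controlled. In the script, `var zNodes =[];` is declared twice in the same function; the second should be a plain assignment or a differently named variable.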
<%@ page contentType="text/html;charset=UTF-8" language="java"%> <%@ page contentType="text/html;charset=UTF-8" language="java"%>
<link rel="stylesheet" href="${pageContext.request.contextPath}/resources/layui/css/layui.css" media="all"> <link rel="stylesheet" href="${pageContext.request.contextPath}/resources/layui/css/layui.css" media="all">
<link rel="stylesheet" href="${pageContext.request.contextPath}/resources/ztree/metroStyle/metroStyle.css"/>
<script src="${pageContext.request.contextPath}/resources/jquery-3.1.0.min.js"></script>
<script src="${pageContext.request.contextPath}/resources/ztree/ztree/jquery.ztree.core.js"></script>
<script src="${pageContext.request.contextPath}/resources/ztree/ztree/jquery.ztree.excheck.js"></script>
<script src="${pageContext.request.contextPath}/resources/common/common.js"></script>
<style> <style>
body { body {
margin: 10px; margin: 10px;
......
...@@ -38,12 +38,13 @@ ...@@ -38,12 +38,13 @@
<thead> <thead>
<tr> <tr>
<!--<th lay-data="{checkbox:true, fixed: true}"></th>--> <!--<th lay-data="{checkbox:true, fixed: true}"></th>-->
<th lay-data="{field:'rn',align:'center', width:100, sort: true}">序号</th>
<th lay-data="{field:'id',align:'center', width:100, sort: true}">ID</th> <th lay-data="{field:'id',align:'center', width:100, sort: true}">ID</th>
<th lay-data="{field:'username',align:'center', width:100, sort: true}">登录名</th> <th lay-data="{field:'username',align:'center', width:100, sort: true}">登录名</th>
<th lay-data="{field:'staffname', align:'center',width:100, sort: true}">用户姓名</th> <th lay-data="{field:'trueName', align:'center',width:100, sort: true}">用户姓名</th>
<th lay-data="{field:'deptname', align:'center',width:200, sort: true}">所属部门</th> <th lay-data="{field:'unitname', align:'center',width:200, sort: true}">所属部门</th>
<th lay-data="{field:'rolename', align:'center',width:100, sort: true}">用户角色</th> <th lay-data="{field:'roleNames', align:'center',width:100, sort: true}">用户角色</th>
<th lay-data="{field:'status',align:'center', width:100, sort: true,templet: '#userStateTpl'}"> <th lay-data="{field:'openFlag',align:'center', width:100, sort: true,templet: '#userStateTpl'}">
用户状态 用户状态
</th> </th>
<th lay-data="{width:120, align:'center', toolbar: '#toolBar'}">操作</th> <th lay-data="{width:120, align:'center', toolbar: '#toolBar'}">操作</th>
...@@ -59,10 +60,10 @@ ...@@ -59,10 +60,10 @@
</script> </script>
<!--推送规则模板--> <!--推送规则模板-->
<script type="text/html" id="userStateTpl"> <script type="text/html" id="userStateTpl">
{{# if(d.status ===1){ }} {{# if(d.openFlag ==="1"){ }}
<a class="layui-btn layui-btn-normal layui-btn-mini" lay-event="yes">已启用</a> <a class="layui-btn layui-btn-normal layui-btn-mini" lay-event="yes">已启用</a>
{{# } }} {{# } }}
{{# if(d.status ===0){ }} {{# if(d.openFlag ==="0"){ }}
<a class="layui-btn layui-btn-primary layui-btn-mini" lay-event="no">已禁用</a> <a class="layui-btn layui-btn-primary layui-btn-mini" lay-event="no">已禁用</a>
{{# } }} {{# } }}
</script> </script>
...@@ -82,18 +83,18 @@ ...@@ -82,18 +83,18 @@
table.on('tool(user)', function (obj) { table.on('tool(user)', function (obj) {
var data = obj.data; var data = obj.data;
if (obj.event === 'update') { if (obj.event === 'update') {
window.location.href = '${pageContext.request.contextPath}/admin/user/update/' + data.userId; window.location.href = '${pageContext.request.contextPath}/admin/user/update/' + data.id;
} }
//此处需要完善 //此处需要完善
if (obj.event === 'delete') { if (obj.event === 'delete') {
var userId = obj.data.userId; var id = obj.data.id;
layer.confirm('您确定要删除该用户吗?', { layer.confirm('您确定要删除该用户吗?', {
btn: ['确定', '取消'] //按钮 btn: ['确定', '取消'] //按钮
}, function () { }, function () {
layer.closeAll(); layer.closeAll();
$.post("${pageContext.request.contextPath}/admin/user/deleteUserById", {userId: userId}, function (data) { $.post("${pageContext.request.contextPath}/admin/user/deleteUserById", {id: id}, function (data) {
if ("success"==data) { if ("success"==data) {
//如果修改成功,则刷新页面 //如果修改成功,则刷新页面
window.location.reload(); //刷新当前页面 window.location.reload(); //刷新当前页面
...@@ -105,9 +106,9 @@ ...@@ -105,9 +106,9 @@
}); });
} }
if (obj.event === 'yes') { if (obj.event === 'yes') {
var userId = obj.data.userId; var userId = obj.data.id;
//已启用,设置为禁用 //已启用,设置为禁用
$.post("${pageContext.request.contextPath}/admin/user/updateState", {userId: userId, status: 0}, function (data) { $.post("${pageContext.request.contextPath}/admin/user/updateState", {id: userId, openFlag: 0}, function (data) {
var data = data; var data = data;
if (data == "success") { if (data == "success") {
//如果修改成功,则刷新页面 //如果修改成功,则刷新页面
...@@ -117,9 +118,9 @@ ...@@ -117,9 +118,9 @@
}) })
} }
if (obj.event === 'no') { if (obj.event === 'no') {
var userId = obj.data.userId; var userId = obj.data.id;
//已禁用,设置为启用 //已禁用,设置为启用
$.post("${pageContext.request.contextPath}/admin/user/updateState", {userId: userId, status: 1}, function (data) { $.post("${pageContext.request.contextPath}/admin/user/updateState", {id: userId, openFlag: 1}, function (data) {
var data = data; var data = data;
if (data == "success") { if (data == "success") {
//如果修改成功,则刷新页面 //如果修改成功,则刷新页面
......
...@@ -38,7 +38,7 @@ ...@@ -38,7 +38,7 @@
<form class="layui-form layui-form-pane" <form class="layui-form layui-form-pane"
action="${pageContext.request.contextPath}/admin/user/update/" action="${pageContext.request.contextPath}/admin/user/update/"
method="post"> method="post">
<input type="text" name="userId" placeholder="用户ID" value="${user.userId}" hidden> <input type="text" name="id" placeholder="用户ID" value="${user.id}" hidden>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">登录名</label> <label class="layui-form-label">登录名</label>
<div class="layui-input-block"> <div class="layui-input-block">
...@@ -50,8 +50,8 @@ ...@@ -50,8 +50,8 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户姓名</label> <label class="layui-form-label">用户姓名</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="text" name="staffname" lay-verify="required" placeholder="请输入用户姓名" <input type="text" name="trueName" lay-verify="required" placeholder="请输入用户姓名"
value="${user.staffname}" value="${user.trueName}"
class="layui-input"> class="layui-input">
</div> </div>
</div> </div>
...@@ -62,45 +62,75 @@ ...@@ -62,45 +62,75 @@
class="layui-input"> class="layui-input">
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">所属部门</label> <label class="layui-form-label">身份证号码</label>
<div class="layui-input-block"> <div class="layui-input-block">
<select name="deptId" lay-verify="required" lay-search=""> <input type="text" name="identitycard" placeholder="请输入身份证号"
<option value="">请输入或选择部门</option> value="${user.identitycard}" class="layui-input">
<c:forEach items="${depts}" var="dept"> </div>
<c:if test="${user.deptId==dept.id}"> </div>
<option value="${dept.id}" selected>${dept.name}</option> <div class="layui-form-item">
</c:if> <label class="layui-form-label">联系电话</label>
<c:if test="${user.deptId!=dept.id}"> <div class="layui-input-block">
<option value="${dept.id}">${dept.name}</option> <input type="text" name="telephone" placeholder="请输入联系电话"
</c:if> value="${user.telephone}" class="layui-input">
</c:forEach> </div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户警号</label>
<div class="layui-input-block">
<input type="text" name="policemanid" placeholder="请输入警号"
value="${user.policemanid}" class="layui-input">
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户等级</label>
<div class="layui-input-block">
<select id="grade" name="grade" lay-verify="" lay-filter="grade">
<option value="">请选择</option>
<option value="X">县级</option>
<option value="D">地市级</option>
<option value="S">省级</option>
<option value="T">特级</option>
</select> </select>
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">所属单位</label>
<div class="layui-input-block">
<input type="text" name="unitname" id="unitname" lay-verify="required"
class="layui-input">
<input type="text" id="unitcode" Name="unitcode" style="display: none;">
<span class="layui-btn" id="checkPer" onclick="checkTree('myUnitTree');">选择单位</span>
<div id="myUnitTree" style="display: none">
<ul id="unit" class="ztree"></ul>
</div>
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户角色</label> <label class="layui-form-label">用户角色</label>
<div class="layui-input-block"> <div class="layui-input-block">
<c:forEach items="${roles}" var="role" varStatus="idxStatus"> <input type="text" name="roleName" id="roleName" lay-verify="required"
<c:if test="${user.roleId==role.id}"> class="layui-input">
<input type="radio" name="roleId" value="${role.id}" title="${role.name}" checked> <input type="text" id="roleId" Name="roleId" style="display: none;">
</c:if> <span class="layui-btn" id="checkRolePid" onclick="checkTree('myRoleTree');">选择角色</span>
<c:if test="${user.roleId!=role.id}"> <div id="myRoleTree" style="display: none">
<input type="radio" name="roleId" value="${role.id}" title="${role.name}"> <ul id="roleTree" class="ztree"></ul>
</c:if> </div>
</c:forEach>
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">用户状态</label> <label class="layui-form-label">用户状态</label>
<div class="layui-input-block"> <div class="layui-input-block">
<c:if test="${user.status==0 or user.status==null}"> <c:if test="${user.openFlag==0 or user.openFlag==null}">
<input type="radio" name="status" value="0" title="已禁用" checked> <input type="radio" name="openFlag" value="0" title="已禁用" checked>
<input type="radio" name="status" value="1" title="已启用"> <input type="radio" name="openFlag" value="1" title="已启用">
</c:if> </c:if>
<c:if test="${user.status==1}"> <c:if test="${user.openFlag==1}">
<input type="radio" name="status" value="0" title="已禁用"> <input type="radio" name="openFlag" value="0" title="已禁用">
<input type="radio" name="status" value="1" title="已启用" checked> <input type="radio" name="openFlag" value="1" title="已启用" checked>
</c:if> </c:if>
</div> </div>
</div> </div>
...@@ -116,7 +146,6 @@ ...@@ -116,7 +146,6 @@
</div> </div>
<span hidden id="msg">${msg}</span> <span hidden id="msg">${msg}</span>
<script src="${pageContext.request.contextPath}/resources/layui/layui.js"></script> <script src="${pageContext.request.contextPath}/resources/layui/layui.js"></script>
<script src="${pageContext.request.contextPath}/resources/jquery-3.1.0.min.js"></script>
<script> <script>
layui.use(['element', 'form', 'jquery'], function () { layui.use(['element', 'form', 'jquery'], function () {
var form = layui.form, var form = layui.form,
...@@ -139,6 +168,39 @@ ...@@ -139,6 +168,39 @@
if (msg.length!=""){ if (msg.length!=""){
layer.msg(msg, {icon: 5}); layer.msg(msg, {icon: 5});
} }
//设置用户等级
var grade = "${user.grade}";
$("#grade").val(grade);
form.render('select');
var data = ${unit};
var zNodes =[];
for (var i=0;i<data.length;i++){
//设置原有单位回显
$("#unitname").val(data[i].name);
$("#unitcode").val(data[i].codeStr);
zNodes.push({id:data[i].codeStr,pId:data[i].pid,name:data[i].name,open:false,file:"core/simpleData"});
}
setTree(zNodes,"unit","nocheck","unitcode","unitname");
var data = ${role};
var checkData = ${oldRole};
var oldPerStr = "",oldPerIdStr="";
var zNodes =[];
for (var i=0;i<data.length;i++){
var bool = false;
for (var j=0;j<checkData.length;j++){
if(data[i].id == checkData[j].id){
//设置原有的权限回显
oldPerIdStr+=checkData[j].id+",";
oldPerStr+=checkData[j].rolename+",";
bool = true;
}
}
zNodes.push({id:data[i].id,pId:data[i].pid,name:data[i].rolename,checked:bool,open:false,file:"core/simpleData"});
}
setTree(zNodes,"roleTree","check","roleId","roleName");
//设置原有权限回显
$("#roleId").val(oldPerIdStr);
$("#roleName").val(oldPerStr);
}); });
</script> </script>
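Review bot: The new fields write user data into the page without output encoding: `value="${user.identitycard}"`, `${user.telephone}`, `${user.policemanid}` and `${user.trueName}` land raw in HTML attributes, and `var grade = "${user.grade}";` lands raw inside a JavaScript string, so a stored value containing a quote or markup would break out of its context when an administrator opens this form. For the attributes I would use the JSTL core tags the page already relies on, e.g. `value="<c:out value='${user.identitycard}'/>"`; for the grade, carry it in an encoded attribute (`data-grade="<c:out value='${user.grade}'/>"` on the select) and read it back with `$("#grade").val($("#grade").data("grade"));`. `var data = ${unit};`, `var data = ${role};` and `var checkData = ${oldRole};` are emitted unquoted, so they depend on the controller producing JSON that also neutralises `<` and `</script>`; that serialisation is not visible here and should be confirmed, since unit and role names are presumably editable. The form and the `layui.use` callback both continue outside the displayed hunks.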
......
...@@ -73,7 +73,7 @@ ...@@ -73,7 +73,7 @@
</li> </li>
</shiro:hasRole>--%> </shiro:hasRole>--%>
<li class="dropDown dropDown_hover"> <li class="dropDown dropDown_hover">
<a href="#" class="dropDown_A"><shiro:principal property="staffname"/><i class="Hui-iconfont">&#xe6d5;</i></a> <a href="#" class="dropDown_A"><shiro:principal property="trueName"/><i class="Hui-iconfont">&#xe6d5;</i></a>
<ul class="dropDown-menu menu radius box-shadow"> <ul class="dropDown-menu menu radius box-shadow">
<%--<li> <%--<li>
<a href="javascript:;" onClick="member_info()">个人信息</a> <a href="javascript:;" onClick="member_info()">个人信息</a>
......