Java如何實現權限管理系統
這篇文章主要介紹了Java如何實現權限管理系統��,具有一定借鑒價值��,感興趣的朋友可以參考下��,希望大家閱讀完這篇文章之后大有收獲��,下面讓小編帶著大家一起了解一下���。
springboot+mybatis使用面向切面編程(AOP)實現的權限管理系統�����。 共五個模塊�����,角色管理��,菜單管理����,實驗室管理�,學生管理�����,管理員管理�����。
角色管理分一個超級管理員���,編輯權限����。 菜單管理顯示各個管理的鏈接和編輯�。 實驗室管理有excel導入�,簽到總人數���。 學生管理有excel導入���。 增刪改查在每個部分均能實現���。
后臺角色管理控制器:
/**
* 后臺角色管理控制器
* @author yy
*
*/
@RequestMapping("/admin/role")
@Controller
public class RoleController {
private Logger log = LoggerFactory.getLogger(RoleController.class);
@Autowired
private MenuService menuService;
@Autowired
private OperaterLogService operaterLogService;
@Autowired
private RoleService roleService;
/**
* 分頁搜索角色列表
* @param model
* @param role
* @param pageBean
* @return
*/
@RequestMapping(value="/list")
public String list(Model model,Role role,PageBean<Role> pageBean){
model.addAttribute("title", "角色列表");
model.addAttribute("name", role.getName());
model.addAttribute("pageBean", roleService.findByName(role, pageBean));
return "admin/role/list";
}
/**
* 角色添加頁面
* @param model
* @return
*/
@RequestMapping(value="/add",method=RequestMethod.GET)
public String add(Model model){
List<Menu> findAll = menuService.findAll();
model.addAttribute("topMenus",MenuUtil.getTopMenus(findAll));
model.addAttribute("secondMenus",MenuUtil.getSecondMenus(findAll));
model.addAttribute("thirdMenus",MenuUtil.getThirdMenus(findAll));
return "admin/role/add";
}
/**
* 角色添加表單提交處理
* @param role
* @return
*/
@RequestMapping(value="/add",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> add(Role role){
//用統一驗證實體方法驗證是否合法
CodeMsg validate = ValidateEntityUtil.validate(role);
if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(validate);
}
if(roleService.save(role) == null){
return Result.error(CodeMsg.ADMIN_ROLE_ADD_ERROR);
}
log.info("添加角色【"+role+"】");
operaterLogService.add("添加角色【"+role.getName()+"】");
return Result.success(true);
}
/**
* 角色編輯頁面
* @param id
* @param model
* @return
*/
@RequestMapping(value="/edit",method=RequestMethod.GET)
public String edit(@RequestParam(name="id",required=true)Long id,Model model){
List<Menu> findAll = menuService.findAll();
model.addAttribute("topMenus",MenuUtil.getTopMenus(findAll));
model.addAttribute("secondMenus",MenuUtil.getSecondMenus(findAll));
model.addAttribute("thirdMenus",MenuUtil.getThirdMenus(findAll));
Role role = roleService.find(id);
model.addAttribute("role", role);
model.addAttribute("authorities",JSONArray.toJSON(role.getAuthorities()).toString());
return "admin/role/edit";
}
/**
* 角色修改表單提交處理
* @param request
* @param role
* @return
*/
@RequestMapping(value="/edit",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> edit(Role role){
//用統一驗證實體方法驗證是否合法
CodeMsg validate = ValidateEntityUtil.validate(role);
if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(validate);
}
Role existRole = roleService.find(role.getId());
if(existRole == null){
return Result.error(CodeMsg.ADMIN_ROLE_NO_EXIST);
}
existRole.setName(role.getName());
existRole.setRemark(role.getRemark());
existRole.setStatus(role.getStatus());
existRole.setAuthorities(role.getAuthorities());
if(roleService.save(existRole) == null){
return Result.error(CodeMsg.ADMIN_ROLE_EDIT_ERROR);
}
log.info("編輯角色【"+role+"】");
operaterLogService.add("編輯角色【"+role.getName()+"】");
return Result.success(true);
}
/**
* 刪除角色
* @param request
* @param id
* @return
*/
@RequestMapping(value="delete",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> delete(@RequestParam(name="id",required=true)Long id){
try {
roleService.delete(id);
} catch (Exception e) {
// TODO: handle exception
return Result.error(CodeMsg.ADMIN_ROLE_DELETE_ERROR);
}
log.info("編輯角色ID【"+id+"】");
operaterLogService.add("刪除角色ID【"+id+"】");
return Result.success(true);
}
}后臺用戶管理控制器:
/**
* 后臺用戶管理控制器
* @author yy
*
*/
@RequestMapping("/admin/user")
@Controller
public class UserController {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@Autowired
private OperaterLogService operaterLogService;
/**
* 用戶列表頁面
* @param model
* @param user
* @param pageBean
* @return
*/
@RequestMapping(value="/list")
public String list(Model model,User user,PageBean<User> pageBean){
model.addAttribute("title", "用戶列表");
model.addAttribute("username", user.getUsername());
model.addAttribute("pageBean", userService.findList(user, pageBean));
return "admin/user/list";
}
/**
* 新增用戶頁面
* @param model
* @return
*/
@RequestMapping(value="/add",method=RequestMethod.GET)
public String add(Model model){
model.addAttribute("roles", roleService.findAll());
return "admin/user/add";
}
/**
* 用戶添加表單提交處理
* @param user
* @return
*/
@RequestMapping(value="/add",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> add(User user){
//用統一驗證實體方法驗證是否合法
CodeMsg validate = ValidateEntityUtil.validate(user);
if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(validate);
}
if(user.getRole() == null || user.getRole().getId() == null){
return Result.error(CodeMsg.ADMIN_USER_ROLE_EMPTY);
}
//判斷用戶名是否存在
if(userService.isExistUsername(user.getUsername(), 0l)){
return Result.error(CodeMsg.ADMIN_USERNAME_EXIST);
}
//到這說明一切符合條件�����,進行數據庫新增
if(userService.save(user) == null){
return Result.error(CodeMsg.ADMIN_USE_ADD_ERROR);
}
operaterLogService.add("添加用戶����,用戶名:" + user.getUsername());
return Result.success(true);
}
/**
* 用戶編輯頁面
* @param model
* @return
*/
@RequestMapping(value="/edit",method=RequestMethod.GET)
public String edit(Model model,@RequestParam(name="id",required=true)Long id){
model.addAttribute("roles", roleService.findAll());
model.addAttribute("user", userService.find(id));
return "admin/user/edit";
}
/**
* 編輯用戶信息表單提交處理
* @param user
* @return
*/
@RequestMapping(value="/edit",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> edit(User user){
//用統一驗證實體方法驗證是否合法
CodeMsg validate = ValidateEntityUtil.validate(user);
if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(validate);
}
if(user.getRole() == null || user.getRole().getId() == null){
return Result.error(CodeMsg.ADMIN_USER_ROLE_EMPTY);
}
if(user.getId() == null || user.getId().longValue() <= 0){
return Result.error(CodeMsg.ADMIN_USE_NO_EXIST);
}
if(userService.isExistUsername(user.getUsername(), user.getId())){
return Result.error(CodeMsg.ADMIN_USERNAME_EXIST);
}
//到這說明一切符合條件���,進行數據庫保存
User findById = userService.find(user.getId());
//講提交的用戶信息指定字段復制到已存在的user對象中,該方法會覆蓋新字段內容
BeanUtils.copyProperties(user, findById, "id","createTime","updateTime");
if(userService.save(findById) == null){
return Result.error(CodeMsg.ADMIN_USE_EDIT_ERROR);
}
operaterLogService.add("編輯用戶�����,用戶名:" + user.getUsername());
return Result.success(true);
}
/**
* 刪除用戶
* @param id
* @return
*/
@RequestMapping(value="/delete",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> delete(@RequestParam(name="id",required=true)Long id){
try {
userService.delete(id);
} catch (Exception e) {
return Result.error(CodeMsg.ADMIN_USE_DELETE_ERROR);
}
operaterLogService.add("刪除用戶�����,用戶ID:" + id);
return Result.success(true);
}
}系統控制器:
/**
* 系統控制器
* @author yy
*
*/
@RequestMapping("/system")
@Controller
public class SystemController {
@Autowired
private OperaterLogService operaterLogService;
@Autowired
private UserService userService;
@Autowired
private DatabaseBakService databaseBakService;
@Autowired
private StaffService staffService;
@Autowired
private OrderAuthService orderAuthService;
private Logger log = LoggerFactory.getLogger(SystemController.class);
/**
* 登錄頁面
* @param model
* @return
*/
@RequestMapping(value="/login",method=RequestMethod.GET)
public String login(Model model){
model.addAttribute("loginTypes", LoginType.values());
return "admin/system/login";
}
/**
* 用戶登錄提交表單處理方法
* @param request
* @param cpacha
* @return
*/
@RequestMapping(value="/login",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> login(HttpServletRequest request,String username,String password,String cpacha,Integer type){
if(StringUtils.isEmpty(username)){
return Result.error(CodeMsg.ADMIN_USERNAME_EMPTY);
}
if(StringUtils.isEmpty(password)){
return Result.error(CodeMsg.ADMIN_PASSWORD_EMPTY);
}
//表示實體信息合法���,開始驗證驗證碼是否為空
if(StringUtils.isEmpty(cpacha)){
return Result.error(CodeMsg.CPACHA_EMPTY);
}
//說明驗證碼不為空����,從session里獲取驗證碼
Object attribute = request.getSession().getAttribute("admin_login");
if(attribute == null){
return Result.error(CodeMsg.SESSION_EXPIRED);
}
//表示session未失效����,進一步判斷用戶填寫的驗證碼是否正確
if(!cpacha.equalsIgnoreCase(attribute.toString())){
return Result.error(CodeMsg.CPACHA_ERROR);
}
if(type == LoginType.ADMINISTRATOR.getCode()){
//表示驗證碼正確�,開始查詢數據庫���,檢驗密碼是否正確
User findByUsername = userService.findByUsername(username);
//判斷是否為空
if(findByUsername == null){
return Result.error(CodeMsg.ADMIN_USERNAME_NO_EXIST);
}
//表示用戶存在���,進一步對比密碼是否正確
if(!findByUsername.getPassword().equals(password)){
return Result.error(CodeMsg.ADMIN_PASSWORD_ERROR);
}
//表示密碼正確�����,接下來判斷用戶狀態是否可用
if(findByUsername.getStatus() == User.ADMIN_USER_STATUS_UNABLE){
return Result.error(CodeMsg.ADMIN_USER_UNABLE);
}
//檢查用戶所屬角色狀態是否可用
if(findByUsername.getRole() == null || findByUsername.getRole().getStatus() == Role.ADMIN_ROLE_STATUS_UNABLE){
return Result.error(CodeMsg.ADMIN_USER_ROLE_UNABLE);
}
//檢查用戶所屬角色的權限是否存在
if(findByUsername.getRole().getAuthorities() == null || findByUsername.getRole().getAuthorities().size() == 0){
return Result.error(CodeMsg.ADMIN_USER_ROLE_AUTHORITES_EMPTY);
}
//檢查一切符合��,可以登錄��,將用戶信息存放至session
request.getSession().setAttribute(SessionConstant.SESSION_USER_LOGIN_KEY, findByUsername);
request.getSession().setAttribute("loginType",type);
//銷毀session中的驗證碼
request.getSession().setAttribute("admin_login", null);
//將登陸記錄寫入日志庫
operaterLogService.add("用戶【"+username+"】于【" + StringUtil.getFormatterDate(new Date(), "yyyy-MM-dd HH:mm:ss") + "】登錄系統���!");
log.info("用戶成功登錄���,user = " + findByUsername);
}else{
Staff byJobNumber = staffService.findByNameAndIsStatus(username);
//判斷是否為空
if(byJobNumber == null){
return Result.error(CodeMsg.ADMIN_USERNAME_NO_EXIST);
}
//表示用戶存在����,進一步對比密碼是否正確
if(!byJobNumber.getPassword().equals(password)){
return Result.error(CodeMsg.ADMIN_PASSWORD_ERROR);
}
//檢查用戶所屬角色狀態是否可用
if(byJobNumber.getRole() == null || byJobNumber.getRole().getStatus() == Role.ADMIN_ROLE_STATUS_UNABLE){
return Result.error(CodeMsg.ADMIN_USER_ROLE_UNABLE);
}
//檢查用戶所屬角色的權限是否存在
if(byJobNumber.getRole().getAuthorities() == null || byJobNumber.getRole().getAuthorities().size() == 0){
return Result.error(CodeMsg.ADMIN_USER_ROLE_AUTHORITES_EMPTY);
}
//檢查一切符合��,可以登錄�����,將用戶信息存放至session
request.getSession().setAttribute(SessionConstant.SESSION_STAFF_LOGIN_KEY, byJobNumber);
request.getSession().setAttribute("loginType",type);
//銷毀session中的驗證碼
request.getSession().setAttribute("admin_login", null);
//將登陸記錄寫入日志庫
operaterLogService.add("用戶【"+username+"】于【" + StringUtil.getFormatterDate(new Date(), "yyyy-MM-dd HH:mm:ss") + "】登錄系統�!");
log.info("員工成功登錄�����,user = " + byJobNumber);
}
return Result.success(true);
}
/**
* 登錄成功后的系統主頁
* @param model
* @return
*/
@RequestMapping(value="/index")
public String index(Model model){
model.addAttribute("operatorLogs", operaterLogService.findLastestLog(10));
model.addAttribute("userTotal", userService.total());
model.addAttribute("operatorLogTotal", operaterLogService.total());
model.addAttribute("databaseBackupTotal", databaseBakService.total());
model.addAttribute("onlineUserTotal", SessionListener.onlineUserCount);
return "admin/system/index";
}
/**
* 注銷登錄
* @return
*/
@RequestMapping(value="/logout")
public String logout(){
Integer loginType = (Integer) SessionUtil.get("loginType");
if(loginType == LoginType.ADMINISTRATOR.getCode()){
User loginedUser = SessionUtil.getLoginedUser();
if(loginedUser != null){
SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, null);
}
}else if(loginType == LoginType.STAFF.getCode()){
Staff loginedStaff = SessionUtil.getLoginedStaff();
if(loginedStaff != null){
SessionUtil.set(SessionConstant.SESSION_STAFF_LOGIN_KEY,null);
}
}
return "redirect:login";
}
/**
* 無權限提示頁面
* @return
*/
@RequestMapping(value="/no_right")
public String noRight(){
return "admin/system/no_right";
}
/**
* 修改用戶個人信息
* @return
*/
@RequestMapping(value="/update_userinfo",method=RequestMethod.GET)
public String updateUserInfo(){
return "admin/system/update_userinfo";
}
/**
* 修改個人信息保存
* @param user
* @return
*/
@RequestMapping(value="/update_userinfo",method=RequestMethod.POST)
public String updateUserInfo(User user){
User loginedUser = SessionUtil.getLoginedUser();
loginedUser.setEmail(user.getEmail());
loginedUser.setMobile(user.getMobile());
loginedUser.setHeadPic(user.getHeadPic());
//首先保存到數據庫
userService.save(loginedUser);
//更新session里的值
SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, loginedUser);
return "redirect:update_userinfo";
}
/**
* 修改密碼頁面
* @return
*/
@RequestMapping(value="/update_pwd",method=RequestMethod.GET)
public String updatePwd(){
return "admin/system/update_pwd";
}
/**
* 修改密碼表單提交
* @param oldPwd
* @param newPwd
* @return
*/
@RequestMapping(value="/update_pwd",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> updatePwd(@RequestParam(name="oldPwd",required=true)String oldPwd,
@RequestParam(name="newPwd",required=true)String newPwd
){
Integer loginType = (Integer) SessionUtil.get("loginType");
if(loginType == LoginType.ADMINISTRATOR.getCode()){
User loginedUser = SessionUtil.getLoginedUser();
if(!loginedUser.getPassword().equals(oldPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_ERROR);
}
if(StringUtils.isEmpty(newPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_EMPTY);
}
if(newPwd.length()<4 || newPwd.length()>32){
return Result.error(CodeMsg.ADMIN_USER_PWD_LENGTH_ERROR);
}
loginedUser.setPassword(newPwd);
//保存數據庫
userService.save(loginedUser);
//更新session
SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, loginedUser);
}else{
Staff loginedStaff = SessionUtil.getLoginedStaff();
Staff staff = staffService.find(loginedStaff.getId());
if(!staff.getPassword().equals(oldPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_ERROR);
}
if(StringUtils.isEmpty(newPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_EMPTY);
}
staff.setPassword(newPwd);
CodeMsg codeMsg = ValidateEntityUtil.validate(staff);
if (codeMsg.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(codeMsg);
}
loginedStaff.setPassword(newPwd);
//保存數據庫
staffService.save(loginedStaff);
//更新session
SessionUtil.set(SessionConstant.SESSION_STAFF_LOGIN_KEY, loginedStaff);
}
return Result.success(true);
}
/**
* 日志管理列表
* @param model
* @param operaterLog
* @param pageBean
* @return
*/
@RequestMapping(value="/operator_log_list")
public String operatorLogList(Model model,OperaterLog operaterLog,PageBean<OperaterLog> pageBean){
model.addAttribute("pageBean", operaterLogService.findList(operaterLog, pageBean));
model.addAttribute("operator", operaterLog.getOperator());
model.addAttribute("title", "日志列表");
return "admin/system/operator_log_list";
}
/**
* 驗證訂單
* @param orderSn
* @param phone
* @return
*/
@RequestMapping(value="/auth_order",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> authOrder(@RequestParam(name="orderSn",required=true)String orderSn,@RequestParam(name="phone",required=true)String phone){
OrderAuth orderAuth = new OrderAuth();
orderAuth.setMac(StringUtil.getMac());
orderAuth.setOrderSn(orderSn);
orderAuth.setPhone(phone);
orderAuthService.save(orderAuth);
AppConfig.ORDER_AUTH = 1;
return Result.success(true);
}
/**
* 刪除操作日志�,可刪除多個
* @param ids
* @return
*/
@RequestMapping(value="/delete_operator_log",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> delete(String ids){
if(!StringUtils.isEmpty(ids)){
String[] splitIds = ids.split(",");
for(String id : splitIds){
operaterLogService.delete(Long.valueOf(id));
}
}
return Result.success(true);
}
/**
* 清空整個日志
* @return
*/
@RequestMapping(value="/delete_all_operator_log",method=RequestMethod.POST)
@ResponseBody
public Result<Boolean> deleteAll(){
operaterLogService.deleteAll();
return Result.success(true);
}
}感謝你能夠認真閱讀完這篇文章�,希望小編分享的“Java如何實現權限管理系統”這篇文章對大家有幫助���,同時也希望大家多多支持億速云�����,關注億速云行業資訊頻道����,更多相關知識等著你來學習!
