Filter(过滤器)常见应用(三)——权限管理系统(二)

 

Filter(过滤器)常见应用(三)——权限管理系统(二)

标签: Java-Web基础
  1157人阅读  评论(0)  收藏  举报
  分类:

目录(?)[+]

由于开发一个简陋的权限管理系统,用一篇文章记录我的所思所想,会导致篇幅太长,不易观看,所以我索性一分为三,做成三篇文章。这篇博文承接上一篇文章——Filter(过滤器)常见应用(三)——权限管理系统(一)。 
在上一篇文章中,我们已经开发好了domain层、dao层、service层,现在我们来开发web层。

权限管理系统的设计和分析

开发web层

我们使用权限管理系统,一般是在后台管理页面,因此我们首先在WebRoot根目录下新建一个后台管理页面——manager.jsp,为了能让该页面显示的更加优美,我们可以采用分帧技术来设计。 
这里写图片描述 
这样的页面的内容是:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>后台管理页面(采用分帧技术)</title>
</head>
<frameset rows="22%,*">
    <frame name="head" src="${pageContext.request.contextPath }/security/head.jsp">
    <frameset cols="15%,*">
        <frame name="left" src="${pageContext.request.contextPath }/security/left.jsp">
        <frame name="right" src="#">
    </frameset>
</frameset>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16

接下来我们就在WebRoot根目录下的security目录下新建一个表示页头的页面——head.jsp。 
这里写图片描述 
这样的页面的内容很简单,如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>页头</title>
</head>
<body style="text-align: center;">
    <h1>XXX后台管理</h1>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12

再接下来我们还要在WebRoot根目录下的security目录下新建一个代表左侧导航栏的页面——left.jsp。 
这里写图片描述 
这样的页面的内容是:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>左侧导航栏</title>
</head>
<body>
    <br/><br/>
    <a href="${pageContext.request.contextPath }/PrivilegeServlet?method=getAll" target="right">权限管理</a>
    <br/><br/>
    <a href="${pageContext.request.contextPath }/ResourceServlet?method=getAll" target="right">资源管理</a>
    <br/><br/>
    <a href="${pageContext.request.contextPath }/RoleServlet?method=getAll" target="right">角色管理</a>
    <br/><br/>
    <a href="${pageContext.request.contextPath }/UserServlet?method=getAll" target="right">用户管理</a>
    <br/><br/>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20

管理员点击权限管理超链接时,本应交给一个诸如ListPrivilegeServlet这样的Servlet去处理,即获取所有权限。随之而来的代码就应该是这样的:

<a href="${pageContext.request.contextPath }/ListPrivilegeServlet" target="right">权限管理</a>
   
   
  • 1

上面的代码隐形地规定了每一个请求对应一个Servlet,这样做并不好。就以权限管理模块为例

  • 管理员点击权限管理超链接时,该请求就要有一个对应的Servlet来处理,诸如ListPrivilegeServlet。
  • 管理员点击添加权限超链接时,该请求就要有一个对应的Servlet来处理,以此提供一个添加权限的页面,诸如AddPrivilegeUIServlet。
  • 管理员点击添加权限按钮时,该请求就要有一个对应的Servlet来处理,诸如AddPrivilegeServlet。

以此类推,那么资源管理模块、角色管理模块以及用户管理模块等等都要有大量的相应处理的Servlet。试问你在cn.itcast.web.controller包写几十个Servlet,你恶心不恶心啊!所以为了避免这种情况的发生,我们可以这样来写:

<a href="${pageContext.request.contextPath }/PrivilegeServlet?method=getAll" target="right">权限管理</a>
   
   
  • 1

就用一个Servlet,诸如PrivilegeServlet来处理所有与权限相关的请求,如若这样,那么每一个模块就只对应一个Servlet,也就说我们只需要在cn.itcast.web.controller包写4个Servlet就够了,你说这样爽不爽呢? 
同样以权限管理模块为例,如果就用一个PrivilegeServlet来处理所有与权限相关的请求,只须在相应请求URL后面跟上method参数,然后在PrivilegeServlet中根据相应请求URL后面的method参数的值,将请求派发给对应的方法去处理。 
如,left.jsp页面中有这样的一个超链接:

<a href="${pageContext.request.contextPath }/PrivilegeServlet?method=getAll" target="right">权限管理</a>
   
   
  • 1

那么在PrivilegeServlet中的代码就应是这样的:

// 这个servlet处理所有与权限相关的请求
public class PrivilegeServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }

    }

    // 获取所有权限
    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        获取所有权限的相关代码......

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29

到这里,权限管理这一模块的设计终于该登上历史舞台了。

权限管理模块的设计

当我们点击权限管理这一超链接时,就应将请求交给PrivilegeServlet。 
这里写图片描述 
又由于请求URL后面的method参数的值是getAll,因此要把请求派发给getAll方法处理,这样PrivilegeServlet的代码就应该为:

// 这个servlet处理所有与权限相关的请求
public class PrivilegeServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }

    }

    // 获取所有权限
    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Privilege> list = service.getAllPrivilege();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listprivilege.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31

顺其自然地,我们接下来应在WebRoot根目录下的security目录下新建一个展示权限列表的页面——listprivilege.jsp。 
这里写图片描述 
这样的页面的内容为:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>权限列表</title>
</head>
<body style="text-align: center;">
    <br/><br/>
    <table width="60%" align="center">
        <tr>
            <td></td>
            <td></td>
            <td align="right">
                <a href="${pageContext.request.contextPath }/PrivilegeServlet?method=addUI">添加权限</a>
            </td>
        </tr>
    </table>
    <br/>
    <table width="60%" border="1" align="center">
        <tr>
            <td>权限名称</td>
            <td>权限描述</td>
            <td>操作</td>
        </tr>
        <c:forEach var="p" items="${list }">
            <tr>
                <td>${p.name }</td>
                <td>${p.description }</td>
                <td>
                    <a href="#">删除</a>
                    <a href="#">修改</a>
                </td>
            </tr>
        </c:forEach>
    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40

我们要添加一个权限,就应该点击添加权限的超链接,接着给我们提供一个添加权限的页面,同样地该请求也要交给PrivilegeServlet,又由于请求URL后面的method参数的值是addUI,因此要把请求派发给addUI方法处理,这样PrivilegeServlet的代码就应该为:

// 这个servlet处理所有与权限相关的请求
@WebServlet("/PrivilegeServlet")
public class PrivilegeServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }

    }

    // 获取所有权限
    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Privilege> list = service.getAllPrivilege();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listprivilege.jsp").forward(request, response);

    }

    // 为添加权限提供添加界面
    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addprivilege.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42

接下来,我们应在WebRoot根目录下的security目录下新建一个添加权限的页面——addprivilege.jsp。 
这里写图片描述 
这样的页面的内容为:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>添加权限界面</title>
</head>
<body>
    <form action="${pageContext.request.contextPath }/PrivilegeServlet?method=add" method="post">
        <table>
            <tr>
                <td>权限名称</td>
                <td>
                    <input type="text" name="name">
                </td>
            </tr>
            <tr>
                <td>权限描述</td>
                <td>
                    <textarea rows="5" cols="50" name="description"></textarea>
                </td>
            </tr>
            <tr>
                <td></td>
                <td>
                    <input type="submit" value="添加权限">
                </td>
            </tr>
        </table>
    </form>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33

当我们在以上页面填写完一个权限的详细信息之后,点击添加权限按钮,请求也应交给PrivilegeServlet,又由于请求URL后面的method参数的值是add,因此要把请求派发给add方法处理,这样PrivilegeServlet的代码就应该为:

// 这个servlet处理所有与权限相关的请求
public class PrivilegeServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }

    }

    // 获取所有权限
    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Privilege> list = service.getAllPrivilege();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listprivilege.jsp").forward(request, response);

    }

    // 为添加权限提供添加界面
    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addprivilege.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Privilege p = WebUtils.request2Bean(request, Privilege.class);
            p.setId(UUID.randomUUID().toString());
            service.addPrivilege(p);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60

可能小伙伴心里要不爽了,妈的,add()方法中怎么又多出了一个WebUtils类,这是从哪个缝里蹦出来的,不要担心,我来慢慢讲解,WebUtils类是一个工具类,它的职责就是将请求参数给封装到一个JavaBean中,应在cn.itcast.utils包下新建该类。 
这里写图片描述 
WebUtils类的具体代码如下:

public class WebUtils {

    public static <T> T request2Bean(HttpServletRequest request, Class<T> beanClass) {

        try {
            T t = beanClass.newInstance();
            Map map = request.getParameterMap();

            BeanUtils.populate(t, map);
            return t;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }

    }
}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16

千万不要忘了在WebRoot根目录下新建一个全局消息显示页面——message.jsp。 
这里写图片描述 
message.jsp页面的内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
    ${message }
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12

至此,我们的权限管理模块就设计完毕了。如果大家想要测试的话,千万不要忘了解决全站中文乱码,因为我在PrivilegeServlet没有写代码解决全站中文乱码,所以就应该给全站配一个解决全站中文乱码的过滤器。 
这里写图片描述 
提示:这样的过滤器我写过很多遍了,实在无心再写了,你若是第一次编写,可参考我前面的文章。 
这样的过滤器写好之后,还要在web.xml中配置哟!

<filter>
    <filter-name>CharacterEncodingFilter</filter-name>
    <filter-class>cn.itcast.web.filter.CharacterEncodingFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CharacterEncodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8

写到这里,那你放心大胆去测试吧!接下来我们就要设计资源管理模块了。

资源管理模块的设计

当我们点击资源管理这一超链接时,就应将请求交给ResourceServlet。 
这里写图片描述 
又由于请求URL后面的method参数的值是getAll,因此要把请求派发给getAll方法处理,这样ResourceServlet的代码就应该为:

public class ResourceServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }

    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Resource> list = service.getAllResource();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listresource.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28

顺其自然地,我们接下来应在WebRoot根目录下的security目录下新建一个展示资源列表的页面——listresource.jsp。 
这里写图片描述 
这样的页面的内容为:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>资源列表</title>
</head>
<body>
    <br/><br/>
    <table width="80%" align="center">
        <tr>
            <td></td>
            <td></td>
            <td align="right">
                <a href="${pageContext.request.contextPath }/ResourceServlet?method=addUI">添加资源</a>
            </td>
        </tr>
    </table>
    <br/>
    <table width="80%" border="1" align="center">
        <tr>
            <td>资源uri</td>
            <td>控制资源的权限</td>
            <td>资源描述</td>
            <td>操作</td>
        </tr>
        <c:forEach var="r" items="${list }">
            <tr>
                <td>${r.uri }</td>
                <td>${r.privilege.name }</td>
                <td>${r.description }</td>
                <td>
                    <a href="${pageContext.request.contextPath }/ResourceServlet?method=forUpdatePrivilegeUI&id=${r.id }">修改资源的权限</a>
                    <a href="#">删除</a>
                </td>
            </tr>
        </c:forEach>
    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42

我们要添加一个资源,就应该点击添加资源的超链接,接着给我们提供一个添加资源的页面,同样地该请求也要交给ResourceServlet,又由于请求URL后面的method参数的值是addUI,因此要把请求派发给addUI方法处理,这样ResourceServlet的代码就应该为:

public class ResourceServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
    }   

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Resource> list = service.getAllResource();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listresource.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addresource.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36

接下来,我们应在WebRoot根目录下的security目录下新建一个添加资源的页面——addresource.jsp。 
这里写图片描述 
这样的页面的内容为:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>添加资源界面</title>
</head>
<body>
    <form action="${pageContext.request.contextPath }/ResourceServlet?method=add" method="post">
        <table>
            <tr>
                <td>资源URI</td>
                <td>
                    <input type="text" name="uri">
                </td>
            </tr>
            <tr>
                <td>资源描述</td>
                <td>
                    <textarea rows="5" cols="50" name="description"></textarea>
                </td>
            </tr>
            <tr>
                <td></td>
                <td>
                    <input type="submit" value="添加资源">
                </td>
            </tr>
        </table>
    </form>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33

当我们在以上页面填写完一个资源的详细信息之后,点击添加资源按钮,请求也应交给ResourceServlet,又由于请求URL后面的method参数的值是add,因此要把请求派发给add方法处理,这样ResourceServlet的代码就应该为:

public class ResourceServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
    }   

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Resource> list = service.getAllResource();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listresource.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addresource.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Resource r = WebUtils.request2Bean(request, Resource.class);
            r.setId(UUID.randomUUID().toString());
            service.addResource(r);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55

当添加完一个资源后,就要给其授予一个权限,我们可以在listresource.jsp页面点击修改资源的权限超链接,这时,请求也应交给ResourceServlet,该请求URL后面不仅要携带method参数,而且还要携带要修改资源的id。由于请求URL后面的method参数的值是forUpdatePrivilegeUI,因此要把请求派发给forUpdatePrivilegeUI方法处理,这样ResourceServlet的代码就应该为:

public class ResourceServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("forUpdatePrivilegeUI".equals(method)) {
            forUpdatePrivilegeUI(request, response);
        }
    }   

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Resource> list = service.getAllResource();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listresource.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addresource.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Resource r = WebUtils.request2Bean(request, Resource.class);
            r.setId(UUID.randomUUID().toString());
            service.addResource(r);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    // 为更新资源权限提供UI界面
    private void forUpdatePrivilegeUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String resourceid = request.getParameter("id");
        Resource r = service.finfResourceByID(resourceid);

        // 得到系统中的所有权限
        List<Privilege> list = service.getAllPrivilege();

        request.setAttribute("resource", r);
        request.setAttribute("list", list);

        request.getRequestDispatcher("/security/updateResourcePrivilege.jsp").forward(request, response);
    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73

紧接着,我们就要在WebRoot根目录下的security目录下新建一个更新资源的权限的页面——updateResourcePrivilege.jsp。 
这里写图片描述 
该页面的内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>更新资源的权限界面</title>
</head>
<body>
    <table border="1" width="40%">
        <tr>
            <td>资源URI</td>
            <td>${resource.uri }</td>
        </tr>
        <tr>
            <td>资源描述</td>
            <td>${resource.description }</td>
        </tr>
        <tr>
            <td>资源原有权限</td>
            <td>${resource.privilege.name }</td>
        </tr>
        <tr>
            <td>须授予的权限</td>
            <td>
                <!-- 当下面表单提交时,会给服务器带去资源id和要授予的权限id  -->
                <form action="${pageContext.request.contextPath }/ResourceServlet?method=updatePrivilege" method="post">
                    <input type="hidden" name="rid" value="${resource.id }">
                    <c:forEach var="p" items="${list }">
                        <input type="radio" name="pid" value="${p.id }">${p.name }<br/>
                    </c:forEach>
                    <input type="submit" value="更新权限">
                </form>
            </td>
        </tr>

    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40

当我们给资源选中一个权限之后,点击更新权限的按钮,请求也应交给ResourceServlet,又由于请求URL后面的method参数的值是updatePrivilege,因此要把请求派发给updatePrivilege方法处理,这样ResourceServlet的代码就应该为:

public class ResourceServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("forUpdatePrivilegeUI".equals(method)) {
            forUpdatePrivilegeUI(request, response);
        }
        if ("updatePrivilege".equals(method)) {
            updatePrivilege(request, response);
        }
    }   

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Resource> list = service.getAllResource();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listresource.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addresource.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Resource r = WebUtils.request2Bean(request, Resource.class);
            r.setId(UUID.randomUUID().toString());
            service.addResource(r);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    // 为更新资源权限提供UI界面
    private void forUpdatePrivilegeUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String resourceid = request.getParameter("id");
        Resource r = service.finfResourceByID(resourceid);

        // 得到系统中的所有权限
        List<Privilege> list = service.getAllPrivilege();

        request.setAttribute("resource", r);
        request.setAttribute("list", list);

        request.getRequestDispatcher("/security/updateResourcePrivilege.jsp").forward(request, response);
    }

    // 更新资源的权限
    private void updatePrivilege(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            String resourceid = request.getParameter("rid");
            String privilegeid = request.getParameter("pid");
            service.updateResourcePrivilege(resourceid, privilegeid);

            request.setAttribute("message", "更新成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "更新失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93

至此,我们的资源管理模块就已设计完毕了,欢迎您测试!接下来,我们就来设计角色管理模块。

角色管理模块的设计

当我们点击角色管理这一超链接时,就应将请求交给RoleServlet。 
这里写图片描述 
又由于请求URL后面的method参数的值是getAll,因此要把请求派发给getAll方法处理,这样RoleServlet的代码就应该为:

public class RoleServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }

    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Role> list = service.getAllRole();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listrole.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29

顺其自然地,我们接下来应在WebRoot根目录下的security目录下新建一个展示角色列表的页面——listrole.jsp。 
这里写图片描述 
listrole.jsp页面的内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>角色列表</title>
</head>
<body>
    <br/><br/>
    <table width="80%" align="center">
        <tr>
            <td></td>
            <td></td>
            <td align="right">
                <a href="${pageContext.request.contextPath }/RoleServlet?method=addUI">添加角色</a>
            </td>
        </tr>
    </table>
    <br/>
    <table width="80%" border="1" align="center">
        <tr>
            <td>角色名称</td>
            <td>角色描述</td>
            <td>操作</td>
        </tr>
        <c:forEach var="role" items="${list }">
            <tr>
                <td>${role.name }</td>
                <td>${role.description }</td>
                <td>
                    <a href="${pageContext.request.contextPath }/RoleServlet?method=forUpdateRolePrivilegeUI&id=${role.id }">为角色授予权限</a>
                    <a href="#">删除</a>
                    <a href="#">修改</a>
                </td>
            </tr>
        </c:forEach>
    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41

我们要添加一个角色,就应该点击添加角色的超链接,接着给我们提供一个添加角色的页面,同样地该请求也要交给RoleServlet,又由于请求URL后面的method参数的值是addUI,因此要把请求派发给addUI方法处理,这样RoleServlet的代码就应该为:

public class RoleServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Role> list = service.getAllRole();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listrole.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addrole.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37

接下来,我们应在WebRoot根目录下的security目录下新建一个添加角色的页面——addrole.jsp。 
这里写图片描述 
addrole.jsp页面内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>添加角色界面</title>
</head>
<body>
    <form action="${pageContext.request.contextPath }/RoleServlet?method=add" method="post">
        <table>
            <tr>
                <td>角色名称</td>
                <td>
                    <input type="text" name="name">
                </td>
            </tr>
            <tr>
                <td>角色描述</td>
                <td>
                    <textarea rows="5" cols="50" name="description"></textarea>
                </td>
            </tr>
            <tr>
                <td></td>
                <td>
                    <input type="submit" value="添加角色">
                </td>
            </tr>
        </table>
    </form>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33

当我们在以上页面填写完一个角色的详细信息之后,点击添加角色按钮,请求也应交给RoleServlet,又由于请求URL后面的method参数的值是add,因此要把请求派发给add方法处理,这样RoleServlet的代码就应该为:

public class RoleServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Role> list = service.getAllRole();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listrole.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addrole.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Role role = WebUtils.request2Bean(request, Role.class);
            role.setId(UUID.randomUUID().toString()); // 还可编写一个Generic类
            service.addRole(role);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56

其实这儿还隐藏着一个优化技巧,由于这四个对象都要生成id,每次这样写这句代码XXX.setId(UUID.randomUUID().toString());显然很麻烦,势必是要优化的,我们可以对这四个对象的共同属性id进行抽取,提取出这四者的父类。我们在cn.itcast.domain包下创建这四者的父类——Generic类。 
这里写图片描述 
Generic类的具体代码如下:

public class Generic {

    private String id;

    public Generic() {
        this.id = UUID.randomUUID().toString();
    }

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17

这样其他四个类都来继承Generic类,如Role类继承Generic类。

public class Role extends Generic {

    private String name;
    private String description;

    private Set<Privilege> privileges = new HashSet<Privilege>();

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getDescription() {
        return description;
    }

    public void setDescription(String description) {
        this.description = description;
    }

    public Set<Privilege> getPrivileges() {
        return privileges;
    }

    public void setPrivileges(Set<Privilege> privileges) {
        this.privileges = privileges;
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32

这样优化之后,XxxServlet里面的add方法,就可省略这句XXX.setId(UUID.randomUUID().toString());代码了,有人会这样优化,所以我们也要多学习学习。但是事已至此,我们都已经写了这么远了,因此我们不做这样的优化了。 
当添加完一个角色后,就要给其授予权限了,我们可以在listrole.jsp页面点击为角色授予权限的超链接,这时,请求也应交给RoleServlet,该请求URL后面不仅要携带method参数,而且还要携带角色的id。由于请求URL后面的method参数的值是forUpdateRolePrivilegeUI,因此要把请求派发给forUpdateRolePrivilegeUI方法处理,这样RoleServlet的代码就应该为:

public class RoleServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("forUpdateRolePrivilegeUI".equals(method)) {
            forUpdateRolePrivilegeUI(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Role> list = service.getAllRole();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listrole.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addrole.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Role role = WebUtils.request2Bean(request, Role.class);
            role.setId(UUID.randomUUID().toString()); // 还可编写一个Generic类
            service.addRole(role);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    // 为更新角色的权限提供界面
    private void forUpdateRolePrivilegeUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String roleid = request.getParameter("id");
        Role r = service.findRole(roleid);

        List<Privilege> list = service.getAllPrivilege();
        request.setAttribute("role", r);
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/updateRolePrivilege.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72

紧接着,我们就要在WebRoot根目录下的security目录下新建一个更新角色权限的页面——updateRolePrivilege.jsp。 
这里写图片描述 
updateRolePrivilege.jsp页面的内容为:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>更新角色的权限</title>
</head>
<body>
    <table border="1" width="40%">
        <tr>
            <td>角色名称</td>
            <td>${role.name }</td>
        </tr>
        <tr>
            <td>角色描述</td>
            <td>${role.description }</td>
        </tr>
        <tr>
            <td>角色原有权限</td>
            <td>
                <c:forEach var="p" items="${role.privileges }">
                    ${p.name }<br/>
                </c:forEach>
            </td>
        </tr>
        <tr>
            <td>须授予的权限</td>
            <td>
                <!-- 当下面表单提交时,会给服务器带去角色id和要授予的权限id  -->
                <form action="${pageContext.request.contextPath }/RoleServlet?method=updatePrivilege" method="post">
                    <input type="hidden" name="roleid" value="${role.id }">
                    <c:forEach var="p" items="${list }">
                        <input type="checkbox" name="pid" value="${p.id }">${p.name }<br/>
                    </c:forEach>
                    <input type="submit" value="更新权限">
                </form>
            </td>
        </tr>

    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44

当我们给角色选中若干个权限之后,点击更新权限的按钮,请求也应交给RoleServlet,又由于请求URL后面的method参数的值是updatePrivilege,因此要把请求派发给updatePrivilege方法处理,这样RoleServlet的代码就应该为:

public class RoleServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        // 请求派发
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("forUpdateRolePrivilegeUI".equals(method)) {
            forUpdateRolePrivilegeUI(request, response);
        }
        if ("updatePrivilege".equals(method)) {
            updatePrivilege(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<Role> list = service.getAllRole();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listrole.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/addrole.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            Role role = WebUtils.request2Bean(request, Role.class);
            role.setId(UUID.randomUUID().toString()); // 还可编写一个Generic类
            service.addRole(role);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    // 为更新角色的权限提供界面
    private void forUpdateRolePrivilegeUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String roleid = request.getParameter("id");
        Role r = service.findRole(roleid);

        List<Privilege> list = service.getAllPrivilege();
        request.setAttribute("role", r);
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/updateRolePrivilege.jsp").forward(request, response);

    }

    private void updatePrivilege(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            String roleid = request.getParameter("roleid");
            String[] pids = request.getParameterValues("pid");
            service.updateRolePrivilege(roleid, pids);

            request.setAttribute("message", "更新成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "更新失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91

至此,我们的角色管理模块就已设计完毕,欢迎您测试!最后我们来设计最后一个模块——用户管理模块。

用户管理模块的设计

当我们点击用户管理这一超链接时,就应将请求交给UserServlet。 
这里写图片描述 
又由于请求URL后面的method参数的值是getAll,因此要把请求派发给getAll方法处理,这样UserServlet的代码就应该为:

public class UserServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }

    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<User> list = service.getAllUser();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listuser.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28

顺其自然地,我们接下来应在WebRoot根目录下的security目录下新建一个展示用户列表的页面——listuser.jsp。 
这里写图片描述 
listuser.jsp页面的内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>用户列表</title>
</head>
<body>
    <br/><br/>
    <table width="80%" align="center">
        <tr>
            <td></td>
            <td></td>
            <td align="right">
                <a href="${pageContext.request.contextPath }/UserServlet?method=addUI">添加用户</a>
            </td>
        </tr>
    </table>
    <br/>
    <table width="80%" border="1" align="center">
        <tr>
            <td>用户名称</td>
            <td>用户密码</td> <!-- 后台管理员可以看到用户的密码,这个倒无所谓 -->
            <td>用户描述</td>
            <td>操作</td>
        </tr>
        <c:forEach var="user" items="${list }">
            <tr>
                <td>${user.username }</td>
                <td>${user.password }</td>
                <td>${user.description }</td>
                <td>
                    <a href="${pageContext.request.contextPath }/UserServlet?method=forUpdateUserRoleUI&id=${user.id }">为用户授予角色</a>
                    <a href="#">删除</a>
                    <a href="#">修改</a>
                </td>
            </tr>
        </c:forEach>
    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43

我们要添加一个用户,就应该点击添加用户的超链接,接着给我们提供一个添加用户的页面,同样地该请求也要交给UserServlet,又由于请求URL后面的method参数的值是addUI,因此要把请求派发给addUI方法处理,这样UserServlet的代码就应该为:

public class UserServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }

    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<User> list = service.getAllUser();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listuser.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/adduser.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37

接下来,我们应在WebRoot根目录下的security目录下新建一个添加用户的页面——adduser.jsp。 
这里写图片描述 
该页面的内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>添加用户界面</title>
</head>
<body>
    <form action="${pageContext.request.contextPath }/UserServlet?method=add" method="post">
        <table>
            <tr>
                <td>用户名</td>
                <td>
                    <input type="text" name="username">
                </td>
            </tr>
            <tr>
                <td>用户密码</td>
                <td>
                    <input type="text" name="password">
                </td>
            </tr>
            <tr>
                <td>用户描述</td>
                <td>
                    <textarea rows="5" cols="50" name="description"></textarea>
                </td>
            </tr>
            <tr>
                <td></td>
                <td>
                    <input type="submit" value="添加用户">
                </td>
            </tr>
        </table>
    </form>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39

当我们在以上页面填写完一个用户的详细信息之后,点击添加用户按钮,请求也应交给UserServlet,又由于请求URL后面的method参数的值是add,因此要把请求派发给add方法处理,这样UserServlet的代码就应该为:

public class UserServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<User> list = service.getAllUser();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listuser.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/adduser.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            User user = WebUtils.request2Bean(request, User.class);
            user.setId(UUID.randomUUID().toString());
            service.addUser(user);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55

当添加完一个用户后,就要给其授予角色了,我们可以在listuser.jsp页面点击为用户授予角色的超链接,这时,请求也应交给UserServlet,该请求URL后面不仅要携带method参数,而且还要携带用户的id。由于请求URL后面的method参数的值是forUpdateUserRoleUI,因此要把请求派发给forUpdateUserRoleUI方法处理,这样UserServlet的代码就应该为:

public class UserServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("forUpdateUserRoleUI".equals(method)) {
            forUpdateUserRoleUI(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<User> list = service.getAllUser();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listuser.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/adduser.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            User user = WebUtils.request2Bean(request, User.class);
            user.setId(UUID.randomUUID().toString());
            service.addUser(user);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    private void forUpdateUserRoleUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String userid = request.getParameter("id");
        User user = service.findUser(userid);

        List<Role> list = service.getAllRole();
        request.setAttribute("user", user);
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/updateUserRole.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70

紧接着,我们就要在WebRoot根目录下的security目录下新建一个更新用户角色的页面——updateUserRole.jsp。 
这里写图片描述 
该页面的内容如下:

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>更新用户的角色</title>
</head>
<body>
    <table border="1" width="40%">
        <tr>
            <td>用户名</td>
            <td>${user.username }</td>
        </tr>
        <tr>
            <td>用户描述</td>
            <td>${user.description }</td>
        </tr>
        <tr>
            <td>用户原有角色</td>
            <td>
                <c:forEach var="role" items="${user.roles }">
                    ${role.name }<br/>
                </c:forEach>
            </td>
        </tr>
        <tr>
            <td>须授予的角色</td>
            <td>
                <!-- 当下面表单提交时,会给服务器带去用户id和要授予的角色id  -->
                <form action="${pageContext.request.contextPath }/UserServlet?method=updateRole" method="post">
                    <input type="hidden" name="userid" value="${user.id }">
                    <c:forEach var="r" items="${list }">
                        <input type="checkbox" name="rid" value="${r.id }">${r.name }<br/>
                    </c:forEach>
                    <input type="submit" value="更新角色">
                </form>
            </td>
        </tr>

    </table>
</body>
</html>
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44

当我们给用户选中若干个角色之后,点击更新权限的按钮,请求也应交给UserServlet,又由于请求URL后面的method参数的值是updateRole,因此要把请求派发给updateRole方法处理,这样UserServlet的代码就应该为:

public class UserServlet extends HttpServlet {

    private SecurityService service = new SecurityService();

    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String method = request.getParameter("method");
        if ("getAll".equals(method)) {
            getAll(request, response);
        }
        if ("addUI".equals(method)) {
            addUI(request, response);
        }
        if ("add".equals(method)) {
            add(request, response);
        }
        if ("forUpdateUserRoleUI".equals(method)) {
            forUpdateUserRoleUI(request, response);
        }
        if ("updateRole".equals(method)) {
            updateRole(request, response);
        }
    }

    private void getAll(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        List<User> list = service.getAllUser();
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/listuser.jsp").forward(request, response);

    }

    private void addUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        request.getRequestDispatcher("/security/adduser.jsp").forward(request, response);

    }

    private void add(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            User user = WebUtils.request2Bean(request, User.class);
            user.setId(UUID.randomUUID().toString());
            service.addUser(user);

            request.setAttribute("message", "添加成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "添加失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    private void forUpdateUserRoleUI(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        String userid = request.getParameter("id");
        User user = service.findUser(userid);

        List<Role> list = service.getAllRole();
        request.setAttribute("user", user);
        request.setAttribute("list", list);
        request.getRequestDispatcher("/security/updateUserRole.jsp").forward(request, response);

    }

    private void updateRole(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        try {
            String userid = request.getParameter("userid");
            String[] rids = request.getParameterValues("rid");
            service.updateUserRole(userid, rids);

            request.setAttribute("message", "更新成功!!!");
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("message", "更新失败!!!");
        }
        request.getRequestDispatcher("/message.jsp").forward(request, response);

    }

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

}
   
   
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89

至此,我们的角色管理模块就已设计完毕,欢迎您测试!下一篇文章我们重点关注权限的实现。

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值