思路是这样的,在页面展示中,只显示权限内能使用的功能模块,进入每一个界面都需要拦截器对其进行权限验证,对不能使用的功能使用拦截器进行拦截。
这是主要涉及到的三张数据库表格:
这是拦截器:
package com.video.handler;
import com.video.model.Admin;
import com.video.model.User;
import com.video.service.AdminLoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
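/**
 * Login and module-permission interceptor for the admin area.
 *
 * <p>For every intercepted request it checks that the session holds an {@code Admin}
 * under the key {@code "admin"}, then asks {@code AdminLoginService.findAdminPower}
 * whether that admin's power level may use the module named by the first path segment.
 * Any request that cannot be positively authorized is forwarded to the login page.
 */
public class AdminLoginInterceptor implements HandlerInterceptor {

    /** Target of the forward used for both "not logged in" and "not permitted". */
    private static final String LOGIN_PATH = "/admin/toLogin";

    // Injected by Spring; this only works when the interceptor itself is a Spring-managed bean.
    @Autowired
    private AdminLoginService adminLoginService;

    /**
     * Verifies the logged-in admin and the admin's permission for the requested module.
     *
     * @param request  current request; its session is read for the {@code "admin"} attribute
     * @param response current response, used only for the forward to the login page
     * @param handler  chosen handler (unused)
     * @return {@code true} when the permission lookup returns at least one row, otherwise
     *         {@code false} after forwarding to {@code /admin/toLogin}
     * @throws Exception if the forward fails or the permission lookup throws
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("管理员拦截器启动--------------");

        // A missing attribute and an attribute of the wrong type are both treated as
        // "not logged in" instead of failing later with a ClassCastException.
        Object attr = request.getSession().getAttribute("admin");
        if (!(attr instanceof Admin)) {
            return deny(request, response);
        }
        Admin admin = (Admin) attr;

        // The module key is the first segment of the path inside the application.
        String url = firstPathSegment(request);
        System.out.println("请求访问路径url:" + url);

        // Fail closed: without a module name or a power level there is nothing to authorize.
        Integer power = admin.getPower();
        if (url == null || power == null) {
            System.out.println("访问请求失败");
            return deny(request, response);
        }

        // One or more matching rows means this power level may use the module.
        int rows = adminLoginService.findAdminPower(url, power);
        if (rows > 0) {
            System.out.println("访问请求通过");
            return true;
        }

        System.out.println("访问请求失败");
        return deny(request, response);
    }

    /**
     * Returns the first non-empty segment of the request path relative to the application,
     * or {@code null} when the path has no segment.
     *
     * <p>The path is taken from {@code getServletPath()} plus {@code getPathInfo()} rather
     * than from the raw request URL. Those values exclude scheme, host and context path,
     * so the result does not depend on where the application is deployed, and the
     * permission check no longer parses the client-supplied URL text by fixed index.
     * NOTE(review): confirm this matches the path Spring uses for handler mapping in
     * this deployment.
     */
    private static String firstPathSegment(HttpServletRequest request) {
        String servletPath = request.getServletPath();
        String pathInfo = request.getPathInfo();
        String path = (servletPath == null ? "" : servletPath) + (pathInfo == null ? "" : pathInfo);
        for (String segment : path.split("/")) {
            if (!segment.isEmpty()) {
                return segment;
            }
        }
        return null;
    }

    /** Forwards to the login page and reports that the request must not proceed. */
    private static boolean deny(HttpServletRequest request, HttpServletResponse response) throws Exception {
        request.getRequestDispatcher(LOGIN_PATH).forward(request, response);
        return false;
    }
}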
需要注意的是,必须在配置类中用 @Bean 将拦截器注册为 Spring 管理的 Bean,这样拦截器里用 @Autowired 标注的 adminLoginService 才会被注入;直接 new 出来的拦截器不会被注入依赖。
/**
 * Declares the admin interceptor as a Spring bean, so the container creates and
 * manages the instance instead of the registration code using a bare {@code new}.
 */
@Bean
public AdminLoginInterceptor adminLoginInterceptor() {
    AdminLoginInterceptor interceptor = new AdminLoginInterceptor();
    return interceptor;
}
下面是整体的配置类文件:
package com.video.config;
import com.video.handler.*;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
 * Web MVC configuration: maps a local directory as static resources and registers
 * the user and admin interceptors.
 */
@Configuration
public class MyWebMvcConfigurer implements WebMvcConfigurer {

    /**
     * Declares the admin interceptor as a Spring bean. AdminLoginInterceptor has an
     * {@code @Autowired} service field, which is only populated on container-managed
     * instances.
     */
    @Bean
    public AdminLoginInterceptor adminLoginInterceptor() {
        AdminLoginInterceptor interceptor = new AdminLoginInterceptor();
        return interceptor;
    }

    /**
     * Configures the static resource mapping.
     */
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        // Requests matching resourceHandler are served from the local directory `location`;
        // a local file location has to carry the file:/// scheme prefix.
        // NOTE(review): resourceHandler and location are not declared in this listing;
        // presumably they are @Value-injected fields. Confirm that the mapped directory
        // holds only files meant to be publicly readable.
        String fileLocation = "file:///" + location;
        registry.addResourceHandler(resourceHandler).addResourceLocations(fileLocation);
    }

    /**
     * Registers the user and admin interceptors.
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // User interceptor: applied to /toIndex only.
        registry.addInterceptor(new UserLoginInterceptor()).addPathPatterns("/toIndex");

        // Admin interceptor: only the paths listed here are checked. An admin endpoint
        // mapped under any other path is not covered by this interceptor, so new admin
        // controllers must be added to this list.
        String[] adminPaths = {
            "/toMain",
            "/userSet/**",
            "/adminHome/**",
            "/adminSet/**",
            "/ban/**",
            "/userAction/**"
        };
        registry.addInterceptor(adminLoginInterceptor()).addPathPatterns(adminPaths);
    }
}
页面导航条展示:
<!--/*
  Side navigation tree. Each top-level <li> is rendered only when
  firstModuleIds.contains('<module id>') is true for that module.
  NOTE(review): contains() is an exact-element match only when firstModuleIds is a
  collection. If it is a String (for example a list's toString()), it is a substring
  test, so an id such as '1' would also match '10'. Confirm the model attribute type.
  Hiding an entry here is presentation only; every request behind these links still
  has to be authorized on the server side.
*/-->
<ul class="layui-nav layui-nav-tree" lay-shrink="all" lay-filter="test">
<li th:if="${firstModuleIds.contains('1')}" class="layui-nav-item layui-nav-itemed">
<a class="" href="javascript:void(0)" onclick="toAdminHome()">
<i class="layui-icon layui-icon-home"></i>
<span>首页</span>
</a>
</li>
<li th:if="${firstModuleIds.contains('2')}" class="layui-nav-item">
<a class="" href="javascript:void(0)">
<i class="layui-icon layui-icon-user"></i>
<span>用户管理</span>
</a>
<dl class="layui-nav-child">
<dd><a href="javascript:void(0)" onclick="toUserAction()">
<i class="layui-icon layui-icon-right"></i>
<span>活动情况</span></a></dd>
<dd>
<a href="javascript:void(0)" onclick="toUserPage()">
<i class="layui-icon layui-icon-right"></i>
<span>基本信息</span></a></dd>
</dl>
</li>
<li th:if="${firstModuleIds.contains('3')}" class="layui-nav-item">
<a href="javascript:;">
<i class="layui-icon layui-icon-username"></i>
<span>管理员管理</span>
</a>
<dl class="layui-nav-child">
<dd><a href="javascript:void(0)" onclick="toAdminPage()">
<i class="layui-icon layui-icon-right"></i>
<span>管理员列表</span></a></dd>
<dd><a href="javascript:void(0)" onclick="toUserPage()">
<i class="layui-icon layui-icon-right"></i>
<span>权限管理</span></a></dd>
</dl>
</li>
<li th:if="${firstModuleIds.contains('4')}" class="layui-nav-item">
<a href="javascript:;">
<i class="layui-icon layui-icon-video"></i>
<span>视频管理</span>
</a>
<dl class="layui-nav-child">
<dd><a href="javascript:void(0)" onclick="toAdminPage()">
<i class="layui-icon layui-icon-right"></i>
<span>视频列表</span></a></dd>
<dd><a href="javascript:void(0)" onclick="toUserPage()">
<i class="layui-icon layui-icon-right"></i>
<span>视频类型</span></a></dd>
</dl>
</li>
<li th:if="${firstModuleIds.contains('5')}" class="layui-nav-item">
<a href="javascript:;">
<i class="layui-icon layui-icon-form"></i>
<span>试题管理</span>
</a>
<dl class="layui-nav-child">
<dd><a href="javascript:void(0)" onclick="toAdminPage()">
<i class="layui-icon layui-icon-right"></i>
<span>试题列表</span></a></dd>
<dd><a href="javascript:void(0)" onclick="toUserPage()">
<i class="layui-icon layui-icon-right"></i>
<span>试题类型</span></a></dd>
</dl>
</li>
<li th:if="${firstModuleIds.contains('6')}" class="layui-nav-item">
<a href="javascript:;">
<i class="layui-icon layui-icon-dialogue"></i>
<span>评论区管理</span>
</a>
</li>
<li th:if="${firstModuleIds.contains('7')}" class="layui-nav-item">
<a href="javascript:;">
<i class="layui-icon layui-icon-upload-drag"></i>
<span>上传管理</span>
</a>
<dl class="layui-nav-child">
<dd><a href="javascript:void(0)" onclick="toAdminPage()">
<i class="layui-icon layui-icon-right"></i>
<span>视频审核</span></a></dd>
<dd><a href="javascript:void(0)" onclick="toUserPage()">
<i class="layui-icon layui-icon-right"></i>
<span>试题审核</span></a></dd>
</dl>
</li>
<li th:if="${firstModuleIds.contains('8')}" class="layui-nav-item">
<a href="javascript:;">
<i class="layui-icon layui-icon-delete"></i>
<span>封号管理</span>
</a>
<dl class="layui-nav-child">
<dd><a href="javascript:void(0)" onclick="toBanUser()">
<i class="layui-icon layui-icon-right"></i>
<span>违规用户</span></a></dd>
<dd><a href="javascript:void(0)" onclick="toUserPage()">
<i class="layui-icon layui-icon-right"></i>
<span>违规视频</span></a></dd>
</dl>
</li>
</ul>
到页面的控制层:
/**
 * Renders the admin main page.
 *
 * <p>Reads the {@code Admin} stored in the session under {@code "admin"}, looks up the
 * first-level module ids for that admin's power level, and exposes both to the view.
 *
 * @param request current request, used to reach the session
 * @param model   view model; receives {@code firstModuleIds} and {@code admin}
 * @return the view name {@code manage/main}
 */
@RequestMapping("/toMain")
public String toMain(HttpServletRequest request, Model model){
    // No null check here: the handler relies on an earlier check having put "admin"
    // into the session. If the attribute is absent, getPower() throws a NullPointerException.
    Admin admin = (Admin) request.getSession().getAttribute("admin");

    // Module ids visible to this power level.
    List<String> moduleIds = adminLoginService.showFirstModuleIdList(admin.getPower());

    model.addAttribute("admin", admin);
    // NOTE(review): the list is stored as its toString() text, so a contains(...) call
    // in the template is a substring test on that text (an id "1" also matches "10").
    // Confirm the element format before switching to the list itself.
    model.addAttribute("firstModuleIds", moduleIds.toString());
    return "manage/main";
}
如此便结束了。