// Role entity: a named role that ties users to permissions.
// The listing on this page shows the fields only.
public class Role {
// Primary key; the permission lookup on this page binds it as #{item.id}.
private Integer id;
// Role name; ShiroRealm passes this string to info.addRole(...).
private String role;
private String description;
// NOTE(review): the meaning of the stored values is not shown on this page; confirm.
private String available;
// Users that hold this role (one Role maps to many Users).
private Set<User> users = new HashSet<>();
// Permissions granted by this role (one Role maps to many Permissions).
private Set<Permission> permissions = new HashSet<>();
// User entity backing the user_info table and used as the Shiro principal.
// The listing on this page shows the fields only.
public class User {
// Primary key; filled from LAST_INSERT_ID() by the insert statement on this page.
private Integer uid;
// Login name; used as the lookup key by UserMapper.findByUserName and UserMapper.del.
private String username;
// Stored credential. ShiroRealm on this page compares it directly with the
// submitted password, so the column holds the password as stored, not a hash.
// NOTE(review): store a salted, slow hash here instead of the password itself.
private String password;
private String name;
// NOTE(review): by its name presumably a national ID number; treat it as
// sensitive personal data. Confirm.
private String id_card_num;
// Account state; ShiroRealm rejects the login as locked when this equals "1".
private String state;
// Roles assigned to this user (one User maps to many Roles).
private Set<Role> roles = new HashSet<>();
对象关系说明:
1、一个User对应多个Role
2、一个Permission对应多个Role
3、一个Role对应多个User和多个Permission
2.3、mapper接口创建:
UserMapper:通过用户名获取用户操作,用户添加操作,用户删除操作
RoleMapper:通过用户id获取用户所有角色操作
PermissionMapper:通过用户所有角色获取用户所有权限操作
/**
 * MyBatis mapper for user accounts; the statements are defined in UserMapper.xml.
 */
@Mapper
public interface UserMapper {

    /**
     * Loads one user by login name.
     *
     * <p>The mapped statement selects every column, so the returned object carries the
     * stored password as well.
     *
     * @param userName login name to look up
     * @return the matching user
     */
    User findByUserName(String userName);

    /**
     * Inserts a user. The mapped statement writes only the fields that are set and stores the
     * password value exactly as it is supplied, so any hashing has to happen before this call.
     *
     * @param user user to store; its {@code uid} is filled from {@code LAST_INSERT_ID()}
     * @return the value MyBatis returns for the insert statement
     */
    int insert(User user);

    /**
     * Deletes the user with the given login name.
     *
     * @param username login name of the user to delete
     * @return the value MyBatis returns for the delete statement
     */
    int del(@Param("username") String username);
}
/**
 * MyBatis mapper for role lookups; the statement is defined in RoleMapper.xml.
 */
@Mapper
public interface RoleMapper {

    /**
     * Loads the roles assigned to one user.
     *
     * @param uid id of the user, bound as {@code #{uid}} in the mapped statement
     * @return the roles linked to that user through sys_user_role
     */
    Set<Role> findRolesByUserId(@Param("uid") Integer uid);
}
/**
 * MyBatis mapper for permission lookups; the statement is defined in PermissionMapper.xml.
 */
@Mapper
public interface PermissionMapper {

    /**
     * Loads the permissions granted by a set of roles.
     *
     * <p>The mapped statement expands {@code roles} into an {@code IN (...)} list of role ids.
     * With an empty set that list renders as nothing and the statement is not valid SQL, so
     * callers should skip the call for a user without roles.
     *
     * @param roles roles whose ids are matched against sys_role_permission.role_id
     * @return the permissions linked to any of the given roles
     */
    Set<Permission> findPermissionsByRoleId(@Param("roles") Set<Role> roles);
}
获取用户资料操作
1、通过shiro登录成功
2、通过用户名称调用UserMapper获取用户信息
3、通过用户信息调用RoleMapper获取用户角色列表
4、通过用户角色列表调用PermissionMapper获取用户权限列表
2.4、mapper文件
mapper接口的具体实现
PermissionMapper.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
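<mapper namespace="com.demo.mapper.PermissionMapper">
    <!--
      Permissions granted by a set of roles.
      Each role id is bound with #{item.id}, i.e. as a statement parameter, never spliced
      into the SQL text.
      <foreach> emits nothing (not even the parentheses) for an empty collection, which would
      leave a dangling "IN" and fail at the database for a user without roles. The <choose>
      below turns a missing or empty role set into a condition that matches no row.
    -->
    <select id="findPermissionsByRoleId" resultType="com.demo.bean.Permission">
        SELECT p.* from sys_permission p LEFT JOIN sys_role_permission rp on p.id = rp.permission_id
        <where>
            <choose>
                <when test="roles != null and roles.size() > 0">
                    rp.role_id IN
                    <foreach collection="roles" index="index" item="item" open="(" close=")" separator=",">
                        #{item.id}
                    </foreach>
                </when>
                <otherwise>
                    1 = 0
                </otherwise>
            </choose>
        </where>
    </select>
</mapper>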
RoleMapper.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.demo.mapper.RoleMapper">
<!-- Roles assigned to one user: joins sys_role to sys_user_role and filters on ur.uid. The uid is bound with #{uid}, i.e. as a statement parameter rather than spliced into the SQL text. -->
<select id="findRolesByUserId" resultType="com.demo.bean.Role">
SELECT r.* from sys_role r LEFT JOIN sys_user_role ur on r.id = ur.role_id where ur.uid = #{uid}
</select>
</mapper>
UserMapper.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.demo.mapper.UserMapper">
<!-- Look up one user by login name. The name is bound with #{userName} as a statement parameter. SELECT * returns every column, so the result includes the stored password. -->
<select id="findByUserName" resultType="com.demo.bean.User" parameterType="java.lang.String">
SELECT * FROM user_info WHERE username = #{userName}
</select>
<!-- Create a user. Only fields that are set are written; every value is bound with #{...}. -->
<!-- The password is written exactly as supplied, so it must already be hashed by the caller. If no field is set, both <trim> blocks render empty and the statement is incomplete. -->
<insert id="insert" parameterType="com.demo.bean.User">
<selectKey resultType="java.lang.Integer" keyProperty="uid" order="AFTER">
SELECT
LAST_INSERT_ID()
</selectKey>
insert into user_info
<trim prefix="(" suffix=")" suffixOverrides=",">
<if test="uid != null">
uid,
</if>
<if test="username != null and username != ''">
username,
</if>
<if test="password != null and password != ''">
password,
</if>
<if test="name != null and name != ''">
`name`,
</if>
<if test="id_card_num != null and id_card_num != ''">
id_card_num,
</if>
<if test="state != null and state != ''">
state,
</if>
</trim>
<trim prefix="values (" suffix=")" suffixOverrides=",">
<if test="uid != null">
#{uid},
</if>
<if test="username != null and username != ''">
#{username},
</if>
<if test="password != null and password != ''">
#{password},
</if>
<if test="name != null and name != ''">
#{name},
</if>
<if test="id_card_num != null and id_card_num != ''">
#{id_card_num},
</if>
<if test="state != null and state != ''">
#{state},
</if>
</trim>
</insert>
<!-- Delete a user by login name; the name is bound with #{username} as a statement parameter. -->
<delete id="del">
DELETE FROM user_info WHERE username = #{username}
</delete>
</mapper>
2.5、service层:UserService
通过调用mapper接口进行具体操作
/**
 * Service layer for user maintenance; each method forwards to {@link UserMapper}.
 *
 * <p>Nothing here transforms or checks its input: the user object and the username reach the
 * mapper unchanged. NOTE(review): authorization of the caller and hashing of the password are
 * presumably expected to happen before these methods are called; confirm.
 */
@Service
public class UserService {

    @Autowired
    private UserMapper userMapper;

    /**
     * Stores a new user.
     *
     * @param user user to insert, passed to the mapper as-is (including its password value)
     * @return the value returned by {@code UserMapper.insert}
     */
    public int insert(User user) {
        final int result = userMapper.insert(user);
        return result;
    }

    /**
     * Removes the user with the given login name.
     *
     * @param username login name of the user to delete
     * @return the value returned by {@code UserMapper.del}
     */
    public int del(String username) {
        final int result = userMapper.del(username);
        return result;
    }
}
三、权限相关配置:ShiroRealm,ShiroConfig
ShiroRealm:shiro中通过Realm来获取用户的信息
ShiroConfig:定义访问规则
package com.shiro.realm;
import com.shiro.bean.Permission;
import com.shiro.bean.Role;
import com.shiro.bean.User;
import com.shiro.mapper.PermissionMapper;
import com.shiro.mapper.RoleMapper;
import com.shiro.mapper.UserMapper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.Set;
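/**
 * Shiro realm that loads user, role and permission data through the MyBatis mappers and hands
 * it to Shiro for authentication and authorization.
 *
 * @author brusion
 * @date 2018/10/18
 */
public class ShiroRealm extends AuthorizingRealm {

    @Autowired
    private UserMapper userMapper;

    @Autowired
    private RoleMapper roleMapper;

    @Autowired
    private PermissionMapper permissionMapper;

    /**
     * Checks that the account named in the token exists, that the password matches and that the
     * account is not locked.
     *
     * <p>NOTE(review): the stored value is compared with the submitted password as-is, so
     * user_info.password holds the password itself rather than a hash. Prefer storing a salted,
     * slow hash and letting a Shiro CredentialsMatcher configured on the realm (for example
     * HashedCredentialsMatcher or PasswordMatcher) do the verification. ShiroConfig is not shown
     * on this page, so confirm what is configured.
     *
     * @param token the submitted login token; cast to {@link UsernamePasswordToken}
     * @return authentication info whose principal is the loaded {@code User}
     * @throws UnknownAccountException if the user does not exist or the password is missing or
     *     does not match
     * @throws LockedAccountException if the account state is {@code "1"}
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken tokenUser = (UsernamePasswordToken) token;
        String username = tokenUser.getUsername();
        // Kept as char[]; copying it into a String would leave another copy on the heap.
        char[] submitted = tokenUser.getPassword();

        // findByUserName is the lookup that UserMapper declares.
        User user = userMapper.findByUserName(username);

        // Unknown user, missing password and wrong password all raise the same exception, so
        // the response does not reveal which account names exist.
        if (user == null || submitted == null || !passwordMatches(submitted, user.getPassword())) {
            throw new UnknownAccountException("用户或密码为空");
        }
        // Checked only after the password matched, so lock state is not disclosed to a caller
        // who does not know the password.
        if ("1".equals(user.getState())) {
            throw new LockedAccountException("账号被锁定");
        }
        // The principal is the whole User object, password field included.
        // NOTE(review): Shiro keeps the principal with the subject (typically in the session);
        // consider a principal that carries only uid and username.
        return new SimpleAuthenticationInfo(user, user.getPassword(), getName());
    }

    /**
     * Collects the role names and permission strings of the given principal.
     *
     * @param principalCollection principals of the subject being authorized
     * @return authorization info holding the subject's roles and permissions; empty when the
     *     principal is missing or has no roles
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        // Authorize the principal Shiro asked about. Reading SecurityUtils.getSubject() instead
        // would answer for whoever is bound to the current thread, which can be a different
        // subject or none at all.
        User user = (User) principalCollection.getPrimaryPrincipal();
        if (user == null) {
            return info;
        }

        Set<Role> roles = roleMapper.findRolesByUserId(user.getUid());
        if (roles == null || roles.isEmpty()) {
            // Without roles the permission query would render an empty IN list and fail.
            return info;
        }
        for (Role role : roles) {
            info.addRole(role.getRole());
        }

        Set<Permission> permissions = permissionMapper.findPermissionsByRoleId(roles);
        if (permissions != null) {
            for (Permission per : permissions) {
                info.addStringPermission(per.getPermission());
            }
        }
        return info;
    }

    /**
     * Compares the submitted password with the stored one without stopping at the first
     * differing character, so the time taken does not depend on how long the matching prefix is.
     */
    private static boolean passwordMatches(char[] submitted, String stored) {
        if (stored == null) {
            return false;
        }
        int diff = submitted.length ^ stored.length();
        int shared = Math.min(submitted.length, stored.length());
        for (int i = 0; i < shared; i++) {
            diff |= submitted[i] ^ stored.charAt(i);
        }
        return diff == 0;
    }
}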