RBAC的权限管理
前言
在用shiro或者spring security时总是会很迷惑底层到底是怎么实现的,所以这次不用任何的权限框架实现RBAC(Role-Based Access Control基于角色的权限访问控制)。
为了更好的理解,没有使用springboot,这里是代码的地址,用mvn clean package打成war包放到tomcat里面跑就行
代码的地址https://github.com/esmusssein777/springbootlearning/tree/master/permission/rbac
框架
框架用的是spring+mybatis+mysql+tomcat,这样的一套还是比较好的能理解整个的体系
数据库设计
数据库是我们常见的表,user(用户),role(角色),permission(权限),user_role(用户角色关系表),role_permission(角色权限关系表)。这样的表是非常常见的权限管理表,每个用户可以对应不同的角色,也可以有多个角色,每个角色又对应不同的权限,一个角色可以有多个权限。
用户角色关系表、角色权限关系表都是多对多的表
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for permission
-- ----------------------------
DROP TABLE IF EXISTS `permission`;
CREATE TABLE `permission` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '权限名称',
`description` varchar(50) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '权限描述表',
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci COMMENT = '权限表' ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for role
-- ----------------------------
DROP TABLE IF EXISTS `role`;
CREATE TABLE `role` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '权限名称',
`description` varchar(50) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '权限描述',
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci COMMENT = '角色表' ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for role_permission
-- ----------------------------
DROP TABLE IF EXISTS `role_permission`;
CREATE TABLE `role_permission` (
`role_id` int(11) NULL DEFAULT NULL,
`permission_id` int(11) NULL DEFAULT NULL,
INDEX `role_permission_uid_fk`(`role_id`) USING BTREE,
INDEX `role_permission_pid_fk`(`permission_id`) USING BTREE,
CONSTRAINT `role_permission_pid_fk` FOREIGN KEY (`permission_id`) REFERENCES `permission` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT,
CONSTRAINT `role_permission_uid_fk` FOREIGN KEY (`role_id`) REFERENCES `role` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT
) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for user
-- ----------------------------
DROP TABLE IF EXISTS `u