权限就是几张关系表之间的增删改查,下面我做一下角色授权模块的权限:
数据库的表:
--模块功能表
select*from module;
select*from users;
select*from role;
select*from userRole;
select*from roleModule;
后台代码:
控制层:
* 获取角色信息
@RequestMapping("getRoles")
public void getRoles(HttpServletResponse response){
List list=userRoleLicense.getRoles();
JsonUtils.printJsonStringFromArrayObject(response, list);
}
*获得模块信息
@RequestMapping("getModules")
public void getModules(HttpServletResponse response,String id){
List list=userRoleLicense.getModules(id);
JsonUtils.printJsonStringFromArrayObject(response, list);
}
* 给角色授权模块
public void saveLicense(HttpServletResponse response,String rids,String mids,String pids){
boolean a=userRoleLicense.saveRole(rids, mids, pids);
JsonUtils.printJsonStringFromObject(response, a);
}
* 根据角色获得对应的模块
public void getModules(HttpServletResponse response,String id){
List list=userRoleLicense.getModules(id);
JsonUtils.printJsonStringFromArrayObject(response, list);
}
*获得用户信息:
@RequestMapping("listUserCom")
public void listUserCom(HttpServletRequest request,HttpServletResponse response,Integer nowPage,Boolean isSearch,String name,String id,String token,String account){
ChangeDataSource.changeDataSource(DataSource.dataSource2);
Users user = baseService.getUser(request, token);
id=String.valueOf(user.getCompanyId());
List list=hardwareUserService.getUserCom(request, response, nowPage, isSearch, name, id,account);
JsonUtils.printJsonStringFromArrayObject(response, list);
}
* 给用户授权角色
public void saveUserRole(HttpServletResponse response,String uid,String rid){
boolean a=userRoleLicense.saveUser(uid, rid);
JsonUtils.printJsonStringFromObject(response, a);
}
*登录页面加载模块
@RequestMapping("/loadModule")
public void list2(HttpServletResponse response, HttpServletRequest request,String token) {
String userTokenString = token.toString();
String string = request.getSession().getServletContext().getAttribute(userTokenString).toString();
Long id = null;
if (string!=null) {
String[] split = string.split("_");
id = Long.parseLong(split[0]);
}
List list = moduleService.getList(id);
String[] exclude = { "Users" ,"RoleModule"};
JsonUtils.printJsonStringFromArrayObjectWithExclude(response, list, exclude);
}
服务层:
* 获取角色信息
public List getRoles(){
String sql="select roleId,name,remark,updateTime from permission.dbo.role";
return this.baseDao.exeSqlQuery(sql);
}
*获得模块信息
public List getModules(String id){
String sql="select module from permission.dbo.roleModule where role = "+id+"";
return this.baseDao.exeSqlQuery(sql);
}
public boolean saveRole(String rids,String mids,String pids){
String[] midList=mids.split(",");
String[] pidList=pids.split(",");
String rsql="delete from permission.dbo.roleModule where role = "+rids+"";
this.baseDao.exeUpdateSql(rsql);
for(int m=0;m<midList.length;m++){
String msql="insert into permission.dbo.roleModule
(role,module,moduleParentId) values("+rids+","+midList[m]+","+pidList[m]+")";
this.baseDao.exeUpdateSql(msql);}
return true;
}
* 根据角色获得对应的模块
public List getModules(String id){
String sql="select module from permission.dbo.roleModule where role = "+id+"";
return this.baseDao.exeSqlQuery(sql);
}
*获得用户信息:
public String getUserComSql(String id){
String sql=" select u.userId,u.name,u.account,cc.companyName,u.companyId from permission.dbo.users as u left join permission.dbo.company as cc " +
"on u.companyId=cc.companyId where u.companyId = "+Long.parseLong(id)+" ";
return sql;
}
public String getUsersALL(String id){
String sql=" select u.userId,u.name,u.account,cc.companyName,u.companyId from permission.dbo.users as u left join permission.dbo.company as cc on u.companyId=cc.companyId";
return sql;
}
public List getUserCom(HttpServletRequest request,HttpServletResponse response ,String id){
String sqlString="";
if(Long.parseLong(id)==1){
sqlString=this.getUsersALL(isSearch, name, id,account);
}else{
sqlString=this.getUserComSql(isSearch, name, id,account);
}
return this.getListBySqlService(nowPage, sqlString, request);
}
public boolean saveUser(String uid,String rid){
Date date=new Date();
SimpleDateFormat sdf=new SimpleDateFormat("yyyy-MM-dd");
String times=sdf.format(date);
String usql="delete from permission.dbo.userRole where users="+uid+"";
String rsql="insert into permission.dbo.userRole(users,role,updateTime) values("+uid+","+rid+","+times+")";
this.baseDao.exeUpdateSql(usql);
this.baseDao.exeUpdateSql(rsql);
return true;
}
*登录页面加载模块
public List getList(Long id){
String hql = " select m.moduleID,m.name,m.moduleParentID,m.className,m.sortIndex,m.url from permission.dbo.module as m " +
"where moduleID in(select module from roleModule where role =("+
"select role from userRole where users ="+id+" )) order by sortIndex asc ";
return this.baseDao.exeSqlQuery(hql);
}
js中授权按钮触发事件:
$("#save").click(function(){
var rid="";
var rids="";
var mids="";
var pids="";
$('input[name="selRole"]:checked').each(function(){
rid=$(this).val();
rids += rid+",";
console.log(rids);
})
$('input[name="box"]:checked').each(function(){
var mid=$(this).closest("tr").attr("data-tt-id");
var pid=$(this).closest("tr").attr("data-tt-parent-id");
if(pid=="undefined"||pid==""||pid==null||pid==undefined){
pid=0;
}
mids += mid+",";
pids += pid+",";
console.log(mids);
console.log(pids);
})
$.ajax({
type:"post",
url:basePath+"/userRoles/saveLicense",
async:true,
data:{
"token":token,
"rids":rid,
"mids":mids,
"pids":pids
},
success:function(data){
console.log(data);
if(data = "true") {
layer.msg('信息已成功提交,2秒后跳转到权限管理列表!', {
area: '400px',
icon: 1,
time: 2000
});
setTimeout(function() {
window.location.href = "roleLicense.html";
}, 2000);
} else {
layer.msg('信息提交失败,请稍后重试!', {
icon: 2,
time: 2000
});
}
},
error: function(XMLHttpRequest, textStatus, errorThrown) {
toSend = false;
layer.msg('抱歉,服务器刚刚打了个盹!', {
icon: 2,
time: 2000
});
}
});
layui.use(['form', 'element'], function() {
var form = layui.form;
form.render()
});
});//end
这些后台接口写完之后,前台只要调用,就可以很轻松写好权限!