1.filter过滤器
(1)创建filter包
(2)UserController.java编写启动过滤器方法
@RequestMapping("/login.do")
public ModelAndView login(User user,HttpSession session){
int id = userService.login(user.getUsername(),user.getPassword());
ModelAndView mv = new ModelAndView();
if(id!=-1){
session.setAttribute("user",user);
mv.setViewName("main");
}else {
mv.setViewName("../failer");
}
return mv;
}
(3)创建登录过滤器类
①继承Filter类
②编写方法
package com.zhongruan.filter;
import com.zhongruan.bean.User;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request =(HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
User user = (User) session.getAttribute("user");
String uri = request.getRequestURI();
System.out.println("uri: "+uri);
System.out.println("uri.indexOf: "+uri.indexOf("login.do"));
if(user==null && uri.indexOf("login.do")==-1){
response.sendRedirect(request.getContextPath()+"../login.jsp");
}else{
filterChain.doFilter(request,response);
}
}
@Override
public void destroy() {
}
}
(4)配置web.xml
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.zhongruan.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
(5)过滤测试
过滤结果(只要不包含login.do就输出-1,如果包含login.do则输出在uri中login.do是从哪一个字符开始)
先成功登录之后,再次尝试find.do发现可以成功进入查看界面
2.批量删除
(1)deleteAll方法编写
①UserDao.java编写接口
void deleteAll(@Param("ids")List<Integer> ids);
②UserMapper.xml数据库语句
<delete id = "deleteAll" parameterType="list">
delete from tb_user where id in
<foreach collection="ids" item="id" open="(" close=")" separator=",">
#{id}
</foreach>
</delete>
③UserService.java注册方法
void deleteAll(List<Integer> ids);
④UserServiceImpl.java实现方法
@Override
public void deleteAll(List<Integer> ids){
userDao.deleteAll(ids);
}
⑤UserController.java实现方法
@RequestMapping("deleteAll.do")
public String deleteAll(String userList){
System.out.println("userList: "+userList);
String[] str = userList.split(",");
List<Integer> ids = new ArrayList<>();
for(String s:str){
ids.add(Integer.parseInt(s));
}
userService.deleteAll(ids);
return "redirect:findAll.do";
}
(2)删除界面演示
3.角色权限管理
(1)创建Role类
package com.zhongruan.bean;
public class Role {
private int id;
private String rolename;
private String roledesc;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getRolename() {
return rolename;
}
public void setRolename(String rolename) {
this.rolename = rolename;
}
public String getRoledesc() {
return roledesc;
}
public void setRoledesc(String roledesc) {
this.roledesc = roledesc;
}
@Override
public String toString() {
return "Role{" +
"id=" + id +
", rolename='" + rolename + '\'' +
", roledesc='" + roledesc + '\'' +
'}';
}
}
(2)创建UserRole类
package com.zhongruan.bean;
public class UserRole {
private int id;
private int userId;
private int roleId;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public int getUserId() {
return userId;
}
public void setUserId(int userId) {
this.userId = userId;
}
public int getRoleId() {
return roleId;
}
public void setRoleId(int roleId) {
this.roleId = roleId;
}
@Override
public String toString() {
return "UserRole{" +
"id=" + id +
", userId=" + userId +
", roleId=" + roleId +
'}';
}
}
(3)创建RoleDao接口
package com.zhongruan.dao;
import com.zhongruan.bean.Role;
import com.zhongruan.bean.UserRole;
import java.util.List;
public interface RoleDao {
List<Integer> findRoleIdByUserId(int userId);
List<Role> findRoleByUserId(int id);
void addRole(UserRole userRole);
}
(4)创建RoleMapper.xml文件
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.zhongruan.dao.RoleDao" >
<select id = "findRoleIdByUserId" parameterType="int" resultType="int">
select roleId from user_role where userId=#{userId}
</select>
<select id="findRoleByUserId" parameterType="int" resultType="role">
select * from tb_role where id not in(select roleId from user_role where userId=#{id})
</select>
<insert id="addRole" parameterType="userRole">
insert into user_role (userId,roleId) values (#{userId},#{roleId})
</insert>
</mapper>
(5)创建RoleService接口
package com.zhongruan.service;
import com.zhongruan.bean.Role;
import java.util.List;
public interface RoleService {
List<Integer> findRoleId(int userId);
List<Role> findRoleByUserId(int id);
void add(List<Integer> ids,String userId);
}
(6)配置user-list.jsp文件
<tbody>
<c:forEach items="${pageInfo.list}" var="user">
<tr>
<td><input id="ids" name="ids" type="checkbox" value="${user.id}"></td>
<td>${user.id}</td>
<td>${user.username}</td>
<td>${user.password}</td>
<td class="text-center">
<a href="/user/toUpdate.do?id=${user.id}" class="btn bg-olive btn-xs">更新</a>
<a href="/user/deleteById.do?id=${user.id}" class="btn bg-olive btn-xs">删除</a>
<% List<Integer> roleIds = (List<Integer>) session.getAttribute("roleIds");%>
<% if(roleIds.contains(1)){ %>
<a href="/user/toAddRule.do?id=${user.id}">添加角色</a>
<% } %>
</td>
</tr>
</c:forEach>
</tbody>
(7)UserController.java实现方法
@RequestMapping("toAddRole.do")
public ModelAndView toAddRole(int id){
List<Role> roleList = roleService.findRoleByUserId(id);
ModelAndView mv = new ModelAndView();
mv.addObject("roles",roleList);
mv.addObject("id",id);
mv.setViewName("user-role-add");
return mv;
}
@RequestMapping("addRole.do")
@ResponseBody
public String add(String roleList,String userId){
String[] strs = roleList.split(",");
List<Integer> ids =new ArrayList<>();
for(String s:strs){
ids.add(Integer.parseInt(s));
}
roleService.add(ids,userId);
return "";
}