过滤器
因为目前的项目在登录界面可以通过直接输入findAll.do直接到达其他界面,而过滤器就是使后台能判断请求发出者,有无登陆信息。
首先新建一个filter文件夹,然后新建一个LoginFilter类,实现Filter接口。
//LoginFilter.java
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
HttpSession session = request.getSession();
//获取session中的user信息
User user = (User) session.getAttribute("user");
String uri = request.getRequestURI();
System.out.println();
//如果没有用户信息并且不是登录界面的跳转
if(user==null && uri.indexOf("login.do")==-1){
response.sendRedirect(request.getContextPath()+"../login.jsp");
}else{
filterChain.doFilter(request,response);
}
}
@Override
public void destroy() {
}
}
写完之后在web.xml里注册
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.whut.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
批量删除功能
User.Dao中新增函数DeleteAll
//UserDao.java
public interface UserDao {
User findByUserName(String username);
//显示在同一页的UserList
List<User> findAll(@Param("start") int start,@Param("username") String username);
void add(User user);
void deleteByID(int id);
User selectByID(int id);
void update(User user);
//获取搜索的总数
int getTotalCount(@Param("username")String username);
//批量删除
void deleteAll(@Param("ids")List<Integer> ids);
}
UserMapper中写入对应的sql语句
<delete id="deleteAll">
delete from user where id in
<foreach collection="ids" item="id" open="(" close=")" separator=",">
#{id}
</foreach>
</delete>
并在Userservice添加批量删除函数
//UserService.java
public interface UserService {
int login(String username,String password);
// List<User> findAll();
PageInfo<User> findAll(int currentPage,String username);
void add(User user);
void deleteByID(int id);
User selectByID(int id);
void update(User user);
void deleteAll(@Param("ids")List<Integer> ids);
}
在UserServiceImpl.java中调用这个函数
//UserServiceImpl.java
@Override
public void deleteAll(List<Integer> ids) {
userDao.deleteAll(ids);
}
最后在controller中实现交互
//UserController.java
@RequestMapping("/deleteAll.do")
public String deleteAll(String userList){
String[] str = userList.split(",");
List<Integer> ids = new ArrayList<>();
for (String s:str){
ids.add(Integer.parseInt(s));
}
userService.deleteAll(ids);
return "redirect:findAll.do";
}
角色权限管理
数据库设计:
在bean目录下创建Role类、UserRole类
public class Role {
private int id;
private String rolename;
private String roledesc;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getRolename() {
return rolename;
}
public void setRolename(String rolename) {
this.rolename = rolename;
}
public String getRoledesc() {
return roledesc;
}
@Override
public String toString() {
return "Role{" +
"id=" + id +
", rolename='" + rolename + '\'' +
", roledesc='" + roledesc + '\'' +
'}';
}
public void setRoledesc(String roledesc) {
this.roledesc = roledesc;
}
}
public class UserRole {
private int id;
private int userId;
private int roleId;
public UserRole() {
}
public UserRole(int id, int userId, int roleId) {
this.id = id;
this.userId = userId;
this.roleId = roleId;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public int getUserId() {
return userId;
}
public void setUserId(int userId) {
this.userId = userId;
}
public int getRoleId() {
return roleId;
}
public void setRoleId(int roleId) {
this.roleId = roleId;
}
@Override
public String toString() {
return "UserRole{" +
"id=" + id +
", userId=" + userId +
", roleId=" + roleId +
'}';
}
}
在Dao目录下新建RoleDao.java:
public interface RoleDao {
List<Integer> findRoleIdByUserId(int userId);
List<Role> findRoleByUserId(int id);
void addRole(UserRole userRole);
}
新建RoleMapper.xml来编写对应的SQL语句
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.whut.dao.RoleDao" >
<select id="findRoleIdByUserId" parameterType="int" resultType="int">
select roleId from user_role where userId=#{userId}
</select>
<select id="findRoleByUserId" parameterType="int" resultType="Role">
select * from role where id not in (select roleId from user_role where userId=#{id})
</select>
<insert id="addRole" parameterType="UserRole">
insert into user_role (userId,roleId) values (#{userId},#{roleId})
</insert>
</mapper>
最后在前端做出相应
<% List<Integer> roleIds=(List<Integer>) session.getAttribute("roleIds");%>
<% if(roleIds.contains(1)){ %>
<a href="/user/toAddRole.do?id=${user.id}">添加角色</a>
<% } %>
总结
今天的工作量相当的繁重,最后也终于在老师的带领下,一步步完成了这个简单的项目,让我从从未接触过ssm的小白变成了对其有一定了解的新手,同时也解决了一些我们自己项目上遇到的难题。