用户管理
查询所有用户
在aside.jsp中的“系统管理”部分下有用户管理/角色管理/资源权限管理/访问日志,点击用户管理要能查询出所有的用户
UserController
@Controller
@RequestMapping("/user")
public class UserController {
@Autowired
private IUserService userService;
@RequestMapping("/findAll.do")
public ModelAndView findAll() throws Exception {
ModelAndView mv = new ModelAndView();
List<UserInfo> userList = userService.findAll();
//这个值的确定要和前端一致
mv.addObject("userList", userList);
mv.setViewName("user-list");
return mv;
}
IUserService
List<UserInfo> findAll() throws Exception;
UserServiceImpl
@Override
public List<UserInfo> findAll() throws Exception {
return userDao.findAll();
}
调试
修改用户状态的字符串表示(0代表未开启,1代表已开启)
用户添加
- 在用户查询所有完成后显示的主界面上,实有一个用户添加的按钮的
- 点击新建后跳转到user-add.jsp 录入信息和发起user.save
- 为什么没有注册?后台管理系统一般没有注册功能,一般都是管理员为用户开账户
UserController
添加完后跳转到所有用户页面
@RequestMapping("/save.do")
public String save(UserInfo userInfo) throws Exception {
userService.save(userInfo);
return "redirect:findAll.do";
}
UserService
UserServiceImpl
@Override
public void save(UserInfo userInfo) throws Exception {
//对密码进行加密处理
userInfo.setPassword(bCryptPasswordEncoder.encode(userInfo.getPassword()));
userDao.save(userInfo);
}
IUserDao
@Insert("insert into users(email,username,password,phoneNum,status) values(#{email},#{username},#{password},#{phoneNum},#{status})")
void save(UserInfo userInfo) throws Exception;
加密类
配置
spring-security.xml中进行配置
在spring-security,xml中声明了一个bean,同时修改ss的配置,配置加密方式
<!-- 切换成数据库中的用户名和密码 -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="userService">
<!-- 配置加密的方式-->
<security:password-encoder ref="passwordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
<!-- 配置加密类 -->
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
单独配置成类
在heima_ssm_utils对应包下新建一个类BCryptPasswordEncode
package com.itheima.ssm.utils;
//导入该包,springspringframework.security提供了该类
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//底层做了盐值加密(保证每次加密的过程都不一样,但是解密可以得到一样的结果)
public class BCryptPasswordEncoderUtils {
private static BCryptPasswordEncoder bCryptPasswordEncoder=new BCryptPasswordEncoder();
public static String encodePassword(String password){
return bCryptPasswordEncoder.encode(password);
}
public static void main(String[] args) {
String password="123";
String pwd = encodePassword(password);
//$2a$10$tJHudmJh6MRPdiL7mv0yfe0nZJbDHuhl7sSTnqNC4DauMik9ppi4K
//$2a$10$Ce8LB3jdYDZ2f6HB281zA.4eC7v6ziJdK8MMWg0Yu8ETMg5ToMpIe
System.out.print(pwd.length());
}
}
- 注意采用单独配置成类的时候,一定要修改spring-security,xml,配置加密方式,如上相同。
- 否则是无法在成功登录的(因为不加配置,登陆时密码是不会进行加密的)
- 在封装UserDetails的时候不必再加上{noop},因为密码已经进行加密了
使用
在UserServiceImple中先
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;
再加密后重新赋值
@Override
public void save(UserInfo userInfo) throws Exception {
//对密码进行加密处理
userInfo.setPassword(bCryptPasswordEncoder.encode(userInfo.getPassword()));
userDao.save(userInfo);
}
调试
- 很复杂的一点是,ssm这种项目每次修改后端的源代码后都需要重新clean和install,可以添加一些热部署的插件
- 页面报错,原因是密码这一字段过长:原因是经过加密类加密后得到的字符串太长(varchar(50)),在IDEA中直接.length
()输出为60,将其改为60即可
用户详情
- 在user-list上点击详情发起请求携带用户id进行查询
- 查询用户信息不仅包含基本信息,还包括角色信息,资源权限信息,封装进UserInfo对象
- 跳转到user-show.jsp展示用户信息
UserController
//查询指定id的用户
@RequestMapping("/findById.do")
public ModelAndView findById(String id) throws Exception{
ModelAndView mv = new ModelAndView();
UserInfo userInfo = userService.findById(id);
mv.addObject("user",userInfo);
mv.setViewName("user-show1");
return mv;
}
IUserService
UserInfo findById(String id) throws Exception;
UserServiceImpl
@Override
public UserInfo findById(String id) throws Exception{
return userDao.findById(id);
}
IUserDao
@Select("select * from users where id=#{id}")
@Results({
@Result(id = true, property = "id", column = "id"),
@Result(property = "username", column = "username"),
@Result(property = "email", column = "email"),
@Result(property = "password", column = "password"),
@Result(property = "phoneNum", column = "phoneNum"),
@Result(property = "status", column = "status"),
@Result(property = "roles",column = "id",javaType = List.class,many = @Many(select = "com.itheima.ssm.dao.IRoleDao.findRoleByUserId"))
})
UserInfo findById(String id) throws Exception;
@Results注解用于对查询结果进行封装
IRoleDao
之前在权限管理中已经实现了该方法,但是此处还是需要对查询结果进行一定封装
//根据用户id查询出所有对应的角色
@Select("select * from role where id in (select roleId from users_role where userId=#{userId})")
@Results({
@Result(id = true, property = "id", column = "id"),
@Result(property = "roleName", column = "roleName"),
@Result(property = "roleDesc", column = "roleDesc"),
@Result(property = "permissions",column = "id",javaType = List.class,many = @Many(select = "com.itheima.ssm.dao.IPermissionDao.findPermissionByRoleId"))
})
IPermissionDao
@Select("select * from permission where id in (select permissionId from role_permission where roleId=#{id} )")
public List<Permission> findPermissionByRoleId(String id) throws Exception;