目錄
6. 權限管理
6.1 環境搭建
6.1.1 資料庫
6.1.2 後端環境
6.2 使用者管理
6.2.1 查詢所有使用者(關聯角色)
6.2.2 核心1:給使用者授予角色
6. 權限管理
6.1 環境搭建
6.1.1 資料庫
- 權限管理的5張表的關系
- 添加4張表
# 權限表(菜單表)
CREATE TABLE `sys_permission` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`permName` varchar(50) ,
`parent_id` int(11) ,
`path` varchar(255) ,
PRIMARY KEY (`id`) USING BTREE
);
INSERT INTO `sys_permission` VALUES (1, '班級管理', 0, '/classes');
INSERT INTO `sys_permission` VALUES (2, '添加班級', 1, '/classes/classesAdd');
INSERT INTO `sys_permission` VALUES (3, '班級清單', 1, '/classes/classesList');
INSERT INTO `sys_permission` VALUES (4, '學生管理', 0, '/student');
INSERT INTO `sys_permission` VALUES (5, '學生清單', 4, '/student/studentList');
INSERT INTO `sys_permission` VALUES (6, '權限管理', 0, '/perm');
INSERT INTO `sys_permission` VALUES (7, '權限清單', 6, '/perm/permissionList');
INSERT INTO `sys_permission` VALUES (8, '角色清單', 6, '/perm/roleList');
INSERT INTO `sys_permission` VALUES (9, '使用者清單', 6, '/perm/userList');
# 角色表
CREATE TABLE `sys_role` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`roleName` varchar(50),
`roleDesc` varchar(50),
PRIMARY KEY (`id`) USING BTREE
) ;
INSERT INTO `sys_role` VALUES (1, 'admin', '超級管理者');
INSERT INTO `sys_role` VALUES (2, 'sms_admin', 'sms管理者');
INSERT INTO `sys_role` VALUES (3, 'user', '普通使用者');
#中間表:角色權限表
CREATE TABLE `sys_role_permission` (
`role_id` int(10),
`perm_id` int(10),
INDEX `FK_Reference_3`(`role_id`) USING BTREE,
INDEX `FK_Reference_4`(`perm_id`) USING BTREE,
CONSTRAINT `sys_role_permission_ibfk_1` FOREIGN KEY (`perm_id`) REFERENCES `sys_permission` (`id`) ,
CONSTRAINT `sys_role_permission_ibfk_2` FOREIGN KEY (`role_id`) REFERENCES `sys_role` (`id`)
);
INSERT INTO `sys_role_permission` VALUES (1, 1);
INSERT INTO `sys_role_permission` VALUES (1, 2);
INSERT INTO `sys_role_permission` VALUES (1, 3);
INSERT INTO `sys_role_permission` VALUES (1, 4);
INSERT INTO `sys_role_permission` VALUES (1, 5);
INSERT INTO `sys_role_permission` VALUES (1, 6);
INSERT INTO `sys_role_permission` VALUES (1, 7);
INSERT INTO `sys_role_permission` VALUES (1, 8);
INSERT INTO `sys_role_permission` VALUES (1, 9);
INSERT INTO `sys_role_permission` VALUES (2, 1);
INSERT INTO `sys_role_permission` VALUES (2, 2);
INSERT INTO `sys_role_permission` VALUES (2, 3);
INSERT INTO `sys_role_permission` VALUES (2, 4);
INSERT INTO `sys_role_permission` VALUES (2, 5);
# 中間表:使用者角色表
CREATE TABLE `sys_user_role` (
`user_id` VARCHAR(32),
`role_id` INT(10) ,
INDEX `FK_Reference_1`(`user_id`) USING BTREE,
INDEX `FK_Reference_2`(`role_id`) USING BTREE,
CONSTRAINT `sys_user_role_ibfk_1` FOREIGN KEY (`role_id`) REFERENCES `sys_role` (`id`),
CONSTRAINT `sys_user_role_ibfk_2` FOREIGN KEY (`user_id`) REFERENCES `tb_user` (`u_id`)
);
INSERT INTO `sys_user_role` VALUES ('u001', 1);
INSERT INTO `sys_user_role` VALUES ('u001', 2);
INSERT INTO `sys_user_role` VALUES ('u002', 2); 6.1.2 後端環境
- 基本内容:JavaBean、Mapper、Service、Controller
- JavaBean
- 基本結構
6.2 使用者管理
6.2.1 查詢所有使用者(關聯角色)
1)後端
- 修改javaBean:
List<SysRole> roleList
- 編寫Mapper:使用注解的方式查詢關聯資料
- 編寫Service
- 編寫Controller
- 修改javaBean:
List<SysRole> roleList
- 編寫Mapper:使用注解的方式查詢關聯資料
• • package com.czxy.classes.mapper;
•
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.czxy.domain.TbUser;
import org.apache.ibatis.annotations.*;
import java.util.List;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@Mapper
public interface TbUserMapper extends BaseMapper<TbUser> {
@Select("SELECT * FROM tb_user")
@Results({
@Result(property = "uid", column = "u_id"),
@Result(property = "userName", column = "user_name"),
@Result(property = "password", column = "password"),
@Result(property = "gender", column = "gender"),
@Result(property = "image", column = "image"),
@Result(property = "roleList", many = @Many(select = "com.czxy.classes.mapper.SysRoleMapper.findAllByUid") , column = "u_id")
})
public List<TbUser> findAll();
}
- 修改UserMapper:查詢所有,含角色
• • package com.czxy.classes.mapper;
•
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.czxy.sys.SysRole;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import java.util.List;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@Mapper
public interface SysRoleMapper extends BaseMapper<SysRole> {
/**
* 查詢指定使用者的所有角色
* @author 桐叔
* @email [email protected]
* @return
*/
@Select("SELECT r.* FROM sys_role r, sys_user_role ur WHERE r.id = ur.role_id AND ur.user_id = #{uid}")
public List<SysRole> findAllByUid(@Param("uid") String uid);
}
- 修改RoleMapper:查詢指定使用者的角色
• 編寫Servicepackage com.czxy.classes.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.czxy.domain.TbUser;
import java.util.List;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
public interface TbUserService extends IService<TbUser> {
public List<TbUser> findAll();
}
package com.czxy.classes.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.czxy.domain.TbUser;
import com.czxy.classes.mapper.TbUserMapper;
import com.czxy.classes.service.TbUserService;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@Service
@Transactional
public class TbUserServiceImpl extends ServiceImpl<TbUserMapper, TbUser> implements TbUserService {
@Override
public List<TbUser> findAll() {
return baseMapper.findAll();
}
}
• 編寫Controllerpackage com.czxy.classes.controller;
import com.czxy.classes.config.JwtProperties;
import com.czxy.classes.utils.JwtUtils;
import com.czxy.domain.TbUser;
import com.czxy.classes.service.TbUserService;
import com.czxy.vo.BaseResult;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import java.util.List;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@RestController
@RequestMapping("/user")
public class TbUserController {
@Resource
private TbUserService tbUserService;
@GetMapping
public BaseResult findAll() {
List<TbUser> list = tbUserService.findAll();
return BaseResult.ok("查詢成功", list);
}
}
2)前端
<template>
<div>
<!-- 清單start -->
<el-table
:data="userList"
stripe
style="width: 100%">
<el-table-column
type="selection"
width="55">
</el-table-column>
<el-table-column
prop="uid"
label="使用者ID"
fixed
width="80">
</el-table-column>
<el-table-column
prop="userName"
label="姓名"
fixed
width="100">
</el-table-column>
<el-table-column
prop="gender"
label="性别"
width="80">
<template slot-scope="scope">
{{scope.row.gender == 1 ? '男': '女'}}
</template>
</el-table-column>
<el-table-column
prop="image"
label="頭像"
width="80">
<template slot-scope="scope">
<el-avatar size="20" :src="scope.row.image"></el-avatar>
</template>
</el-table-column>
<el-table-column
label="角色"
width="300">
<template slot-scope="scope">
<el-tag v-for="(role,index) in scope.row.roleList" :key="index" closable>{{role.roleName}}</el-tag>
</template>
</el-table-column>
<el-table-column
label="操作"
fixed="right">
<template slot-scope="scope">
<el-button size="mini">編輯</el-button>
<el-button size="mini" type="danger">删除</el-button>
</template>
</el-table-column>
</el-table>
<!-- 清單end -->
</div>
</template>
<script>
export default {
data() {
return {
userList: []
}
},
methods: {
async findAllUser() {
// ajax
let { data: baseResult } = await this.$axios.get('/user-service/user')
// 處理
if(baseResult.code == 20000) {
this.userList = baseResult.data
} else {
this.$message.error(baseResult.message)
}
},
},
mounted() {
// 查詢所有的使用者
this.findAllUser()
},
}
</script>
<style>
</style> 6.2.2 核心1:給使用者授予角色
1)分析
- 前置功能:查詢所有的角色
- 後端:查詢所有
- 前端:下拉清單展示
- 核心:給使用者授予角色
- 完成修改的部分功能,将使用者選擇的角色更新到資料庫(先删除、後添加)
- 後端:使用者角色直接操作,給一個使用者,添加一組角色
- 前端:彈出框,直接使用table中的資料填充前端額下拉清單
2)前置功能:查詢所有的角色-後端
package com.czxy.classes.controller;
import com.czxy.classes.service.SysRoleService;
import com.czxy.sys.SysRole;
import com.czxy.vo.BaseResult;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import java.util.List;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@RestController
@RequestMapping("/role")
public class SysRoleController {
@Resource
private SysRoleService sysRoleService;
@GetMapping
public BaseResult findAll() {
List<SysRole> list = sysRoleService.list();
return BaseResult.ok("查詢成功", list);
}
} 3)核心:給使用者授予角色-後端
- 使用者角色直接操作,給一個使用者,添加一組角色
- 編寫mapper:通過uid删除關聯資訊
- 編寫service:先删除後,後添加
- 編寫controller
• • package com.czxy.classes.mapper;
•
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.czxy.sys.SysRole;
import com.czxy.sys.SysUserRole;
import org.apache.ibatis.annotations.Delete;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@Mapper
public interface SysUserRoleMapper extends BaseMapper<SysUserRole> {
@Delete("DELETE FROM sys_user_role WHERE user_id = #{uid}")
int deleteByUid(@Param("uid") String uid);
}
- 編寫mapper:通過uid删除關聯資訊
package com.czxy.classes.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.czxy.domain.TbUser;
import com.czxy.sys.SysUserRole;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@Service
@Transactional
public interface SysUserRoleService extends IService<SysUserRole> {
/**
* 給指定使用者收取角色
* @author 桐叔
* @email [email protected]
* @return
*/
void addRoleWithUser(TbUser tbUser);
}
package com.czxy.classes.service.impl;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.czxy.classes.mapper.SysUserRoleMapper;
import com.czxy.classes.service.SysUserRoleService;
import com.czxy.domain.TbUser;
import com.czxy.sys.SysUserRole;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@Service
@Transactional
public class SysUserRoleServiceImpl extends ServiceImpl<SysUserRoleMapper, SysUserRole> implements SysUserRoleService {
@Override
public void addRoleWithUser(TbUser tbUser) {
//1 删除
baseMapper.deleteByUid(tbUser.getUid());
//2 添加
for (Integer roleId : tbUser.getRoleIds()) {
SysUserRole sysUserRole = new SysUserRole(tbUser.getUid(), roleId);
baseMapper.insert(sysUserRole);
}
}
} - 編寫service:先删除後,後添加
• • package com.czxy.classes.controller;
•
import com.czxy.classes.service.SysUserRoleService;
import com.czxy.domain.TbUser;
import com.czxy.vo.BaseResult;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
/**
* @author 桐叔
* @email [email protected]
* @description
*/
@RestController
@RequestMapping("/userRole")
public class SysUserRoleController {
@Resource
private SysUserRoleService sysUserRoleService;
@PostMapping("/addRoleWithUser")
public BaseResult addRoleWithUser(@RequestBody TbUser tbUser) {
// 給使用者添加角色
sysUserRoleService.addRoleWithUser(tbUser);
return BaseResult.ok("授權成功");
}
}
- 編寫controller
<template>
<div>
<!-- 清單start -->
<el-table
:data="userList"
stripe
style="width: 100%">
<el-table-column
type="selection"
width="55">
</el-table-column>
<el-table-column
prop="uid"
label="使用者ID"
fixed
width="80">
</el-table-column>
<el-table-column
prop="userName"
label="姓名"
fixed
width="100">
</el-table-column>
<el-table-column
prop="gender"
label="性别"
width="80">
<template slot-scope="scope">
{{scope.row.gender == 1 ? '男': '女'}}
</template>
</el-table-column>
<el-table-column
prop="image"
label="頭像"
width="80">
<template slot-scope="scope">
<el-avatar :size="20" :src="scope.row.image"></el-avatar>
</template>
</el-table-column>
<el-table-column
label="角色"
width="300">
<template slot-scope="scope">
<el-tag v-for="(role,index) in scope.row.roleList" :key="index" closable>{{role.roleName}}</el-tag>
</template>
</el-table-column>
<el-table-column
label="操作"
fixed="right">
<template slot-scope="scope">
<el-button size="mini" @click="openRoleDialog(scope.row)">授權</el-button>
<el-button size="mini">編輯</el-button>
<el-button size="mini" type="danger">删除</el-button>
</template>
</el-table-column>
</el-table>
<!-- 清單end -->
<!-- 彈出框 start -->
<el-dialog title="授權" :visible.sync="dialogRoleVisible">
<el-form :model="user" label-width="80px">
<el-form-item label="角色清單">
<el-select v-model="user.roleIds" multiple placeholder="請選擇角色">
<el-option v-for="(role,index) in roleList" :key="index" :label="role.roleName" :value="role.id"></el-option>
</el-select>
</el-form-item>
</el-form>
{{user}}
<div slot="footer" class="dialog-footer">
<el-button @click="dialogRoleVisible = false">取 消</el-button>
<el-button type="primary" @click="addRoleWithUser">确 定</el-button>
</div>
</el-dialog>
<!-- 彈出框 end -->
</div>
</template>
<script>
export default {
data() {
return {
userList: [],
dialogRoleVisible: false,
user: {},
roleList: []
}
},
methods: {
async findAllUser() {
// ajax
let { data: baseResult } = await this.$axios.get('/user-service/user')
// 處理
if(baseResult.code == 20000) {
this.userList = baseResult.data
} else {
this.$message.error(baseResult.message)
}
},
async findAllRole() {
// ajax
let { data: baseResult } = await this.$axios.get('/user-service/role')
// 處理
if(baseResult.code == 20000) {
this.roleList = baseResult.data
} else {
this.$message.error(baseResult.message)
}
},
openRoleDialog(user) {
// 查詢所有角色
this.findAllRole()
// 填充表單
this.user.uid = user.uid
// 處理資料:從role對象過濾出role.id
// this.user.roleIds = user.roleList.map(role => role.id) //隻能回顯,不能操作
this.$set(this.user, 'roleIds', user.roleList.map(role => role.id))
// 打開彈出框
this.dialogRoleVisible = true
},
async addRoleWithUser() {
// ajax
let { data: baseResult } = await this.$axios.post('/user-service/userRole/addRoleWithUser', this.user)
// 處理
if(baseResult.code == 20000) {
// 成功
this.$message.success(baseResult.message)
// 重新整理頁面
this.findAllUser()
// 關閉彈出框
this.dialogRoleVisible = false
} else {
this.$message.error(baseResult.message)
}
}
},
mounted() {
// 查詢所有的使用者
this.findAllUser()
},
}
</script>
<style>
</style>