SSM项目练习笔记(企业权限权限管理)15天_2
完整项目链接
https://github.com/LZX842056112/SSMPermission
第九天
1.订单详情
<!--订单详情-->
<resultMap id="selorders" type="com.itheima.domain.Orders">
<id column="id" property="id"></id>
<result column="orderNum" property="orderNum"></result>
<result column="orderTime" property="orderTime"></result>
<result column="peopleCount" property="peopleCount"></result>
<result column="orderDesc" property="orderDesc"></result>
<result column="payType" property="payType"></result>
<result column="orderStatus" property="orderStatus"></result>
<association column="productId" property="product" javaType="com.itheima.domain.Product">
<id column="id" property="id"></id>
<result column="productNum" property="productNum"></result>
<result column="productName" property="productName"></result>
<result column="cityName" property="cityName"></result>
<result column="departureTime" property="departureTime"></result>
<result column="productPrice" property="productPrice"></result>
<result column="productDesc" property="productDesc"></result>
<result column="productStatus" property="productStatus"></result>
</association>
<association column="memberId" property="member" javaType="com.itheima.domain.Member">
<id column="id" property="id"></id>
<result column="name" property="name"></result>
<result column="nickName" property="nickName"></result>
<result column="phoneNum" property="phoneNum"></result>
<result column="email" property="email"></result>
</association>
<collection property="travellers" ofType="com.itheima.domain.Traveller">
<id column="id" property="id"></id>
<result column="NAME" property="name"></result>
<result column="sex" property="sex"></result>
<result column="phoneNum" property="phoneNum"></result>
<result column="credentialsType" property="credentialsType"></result>
<result column="credentialsNum" property="credentialsNum"></result>
<result column="travellerType" property="travellerType"></result>
</collection>
</resultMap>
<select id="findById" parameterType="java.lang.String" resultMap="selorders">
select o.*,p.*,m.*,t.* from orders o
left join order_traveller ot on o.id=ot.orderId
left join traveller t on t.id=ot.travellerId
left join product p on o.productId=p.id
left join member m on o.memberId=m.id
where o.id=#{id} limit 1
</select>
<!-- 正文区域 -->
<section class="content">
<div class="box-body">
<!--tab页-->
<div class="nav-tabs-custom">
<!--tab内容-->
<div class="tab-content">
<!--label显示的内容-->
<div class="tab-pane active" id="tab-label">
<div class="row data-type">
<div class="col-md-2 title">订单ID</div>
<div class="col-md-4 data text">${ordersList.id}</div>
<div class="col-md-2 title">订单编号</div>
<div class="col-md-4 data text">${ordersList.orderNum}</div>
<div class="col-md-2 title">下单时间</div>
<div class="col-md-4 data text">${ordersList.orderTimeStr}</div>
<div class="col-md-2 title">出行人数</div>
<div class="col-md-4 data text">${ordersList.peopleCount}</div>
<div class="col-md-2 title">订单状态</div>
<div class="col-md-4 data text">${ordersList.orderStatusStr}</div>
<div class="col-md-2 title">支付方式</div>
<div class="col-md-4 data text">${ordersList.payTypeStr}</div>
<div class="col-md-2 title">订单描述</div>
<div class="col-md-4 data text">${ordersList.orderDesc}</div>
</div>
</div>
<!--label显示的内容/-->
</div>
<!--tab内容/-->
</div>
<!--tab页/-->
<div class="panel panel-default">
<div class="panel-heading">产品信息</div>
<div class="row data-type">
<div class="col-md-2 title">产品ID</div>
<div class="col-md-4 data text">${ordersList.product.id}</div>
<div class="col-md-2 title">产品编号</div>
<div class="col-md-4 data text">${ordersList.product.productNum}</div>
<div class="col-md-2 title">产品名称</div>
<div class="col-md-4 data text">${ordersList.product.productName}</div>
<div class="col-md-2 title">出发城市</div>
<div class="col-md-4 data text">${ordersList.product.cityName}</div>
<div class="col-md-2 title">出发时间</div>
<div class="col-md-4 data text">${ordersList.product.departureTimeStr}</div>
<div class="col-md-2 title">产品价格</div>
<div class="col-md-4 data text">${ordersList.product.productPrice}</div>
<div class="col-md-2 title">状态</div>
<div class="col-md-4 data text">${ordersList.product.productStatusStr}</div>
<div class="col-md-2 title">产品描述</div>
<div class="col-md-4 data text">${ordersList.product.productDesc}</div>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">会员信息</div>
<div class="row data-type">
<div class="col-md-2 title">会员ID</div>
<div class="col-md-4 data text">${ordersList.member.id}</div>
<div class="col-md-2 title">姓名</div>
<div class="col-md-4 data text">${ordersList.member.name}</div>
<div class="col-md-2 title">昵称</div>
<div class="col-md-4 data text">${ordersList.member.nickName}</div>
<div class="col-md-2 title">电话号码</div>
<div class="col-md-4 data text">${ordersList.member.phoneNum}</div>
<div class="col-md-2 title">邮箱</div>
<div class="col-md-4 data text">${ordersList.member.email}</div>
</div>
</div>
<c:forEach items="${ordersList.travellers}" var="traveller">
<div class="panel panel-default">
<div class="panel-heading">旅客信息</div>
<div class="row data-type">
<div class="col-md-2 title">旅客ID</div>
<div class="col-md-4 data text">${traveller.id}</div>
<div class="col-md-2 title">姓名</div>
<div class="col-md-4 data text">${traveller.name}</div>
<div class="col-md-2 title">性别</div>
<div class="col-md-4 data text">${traveller.sex}</div>
<div class="col-md-2 title">电话号码</div>
<div class="col-md-4 data text">${traveller.phoneNum}</div>
<div class="col-md-2 title">证件类型</div>
<div class="col-md-4 data text">${traveller.credentialsTypeStr}</div>
<div class="col-md-2 title">证件号码</div>
<div class="col-md-4 data text">${traveller.credentialsNum}</div>
<div class="col-md-2 title">旅客类型</div>
<div class="col-md-4 data text">${traveller.travellerTypeStr}</div>
</div>
</div>
</c:forEach>
<div class="col-md-12 data text-center">
<button type="button" class="btn bg-default" onclick="history.back(-1);">返回</button>
</div>
</div>
</section>
<!-- 正文区域 /-->
第十天
1.订单删除
2.订单批量删除
3.权限管理
数据库表
实体类
修改导航栏
第十一天
1.用户登录
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- 配置不拦截的资源 -->
<security:http pattern="/login.jsp" security="none"/>
<security:http pattern="/failer.jsp" security="none"/>
<security:http pattern="/css/**" security="none"/>
<security:http pattern="/img/**" security="none"/>
<security:http pattern="/plugins/**" security="none"/>
<!--
配置具体的规则
auto-config="true" 不用自己编写登录的页面,框架提供默认登录页面
use-expressions="false" 是否使用SPEL表达式(没学习过)
-->
<security:http auto-config="true" use-expressions="false">
<!-- 配置具体的拦截的规则 pattern="请求路径的规则" access="访问系统的人,必须有ROLE_USER的角色" -->
<security:intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN"/>
<!-- 定义跳转的具体的页面 -->
<security:form-login
login-page="/login.jsp"
login-processing-url="/login.do"
default-target-url="/index.jsp"
authentication-failure-url="/failer.jsp"
authentication-success-forward-url="/pages/main.jsp"
/>
<!-- 关闭跨域请求 -->
<security:csrf disabled="true"/>
</security:http>
<!-- 切换成数据库中的用户名和密码 -->
<security:authentication-manager>
<security:authentication-provider user-service-ref="userService">
</security:authentication-provider>
</security:authentication-manager>
</beans>
@Service("userService")
@Transactional
public class IUserServiceImpl implements IUserService {
@Autowired
private IUserDao userDao;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
UserInfo userInfo = null;
try {
userInfo = userDao.findByUserName(s);
} catch (Exception e) {
e.printStackTrace();
}
//处理自己的用户对象,封装成UserDetails
User user = new User(userInfo.getUsername(),"{noop}"+userInfo.getPassword(), userInfo.getStatus() == 0 ? false : true, true, true, true, getAuthority(userInfo.getRoles()));
return user;
}
//作用就是返回一个List集合,集合装入的是角色描述
public List<SimpleGrantedAuthority> getAuthority(List<Role> roles){
List<SimpleGrantedAuthority> list = new ArrayList<>();
for (Role role : roles) {
list.add(new SimpleGrantedAuthority("ROLE_"+role.getRoleName()));
}
return list;
}
}
2.用户退出
3.用户全部查询,模糊查询
@Controller()
@RequestMapping("/user")
public class UserController {
@Autowired
IUserService userService;
/**
* 查询全部用户信息,模糊查询
* @param page
* @param size
* @param fuzzyName
* @return
* @throws Exception
*/
@RequestMapping("/findAll.do")
public ModelAndView findAll(@RequestParam(value = "page",defaultValue = "1") Integer page,@RequestParam(value = "size",defaultValue = "4") Integer size,@RequestParam(value = "fuzzyName",defaultValue = "",required = false) String fuzzyName) throws Exception {
ModelAndView mv = new ModelAndView();
//判断是乱码 (GBK包含全部中文字符;UTF-8则包含全世界所有国家需要用到的字符。)
if (!(Charset.forName("GBK").newEncoder().canEncode(fuzzyName))) {
//转码UTF8
fuzzyName = new String(fuzzyName.getBytes("ISO-8859-1"), "utf-8");
}
List<UserInfo> userInfoList = userService.findAll(page,size,fuzzyName);
PageInfo pageInfo = new PageInfo(userInfoList);
mv.addObject("userInfoList",userInfoList);
mv.addObject("fuzzyName",fuzzyName);
mv.addObject("pageInfo",pageInfo);
mv.setViewName("user-list");
return mv;
}
}
<!--数据列表-->
<table id="dataList" class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right:0px;">
<input id="selall" type="checkbox" class="icheckbox_square-blue">
</th>
<th>ID</th>
<th>用户名</th>
<th>邮箱</th>
<th>联系电话</th>
<th>状态</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<c:forEach items="${userInfoList}" var="user">
<tr>
<td><input value="${user.id}" name="ids" type="checkbox"></td>
<td>${user.id }</td>
<td>${user.username }</td>
<td>${user.email }</td>
<td>${user.phoneNum }</td>
<td>${user.statusStr }</td>
<td class="text-center">
<a href="${pageContext.request.contextPath}/user/findById.do?id=${user.id}" class="btn bg-olive btn-xs">详情</a>
<a href="${pageContext.request.contextPath}/user/findUserByIdAndAllRole.do?id=${user.id}" class="btn bg-olive btn-xs">添加角色</a>
</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--数据列表/-->
4.用户添加
<!--label显示的内容-->
<div class="tab-pane active" id="tab-label">
<form action="${pageContext.request.contextPath}/user/addUser.do" method="post">
<div class="row data-type">
<div class="col-md-2 title">用户名</div>
<div class="col-md-4 data">
<input type="text" class="form-control" name="username"/>
</div>
<div class="col-md-2 title">邮箱</div>
<div class="col-md-4 data">
<input type="text" class="form-control" name="email"/>
</div>
<div class="col-md-2 title">密码</div>
<div class="col-md-4 data">
<input type="password" class="form-control" name="password"/>
</div>
<div class="col-md-2 title">电话</div>
<div class="col-md-4 data">
<input type="text" class="form-control" name="phoneNum"/>
</div>
<div class="col-md-2 title">状态</div>
<div class="col-md-4 data">
<div class="form-group form-inline">
<div class="radio"><label><input type="radio" name="status" value="1"> 开启</label></div>
<div class="radio"><label><input type="radio" name="status" value="0"> 未开启</label></div>
</div>
</div>
<div class="col-md-12 data text-center">
<button type="submit" class="btn bg-maroon">添加</button>
<button type="button" class="btn bg-default" onclick="history.back(-1);">返回</button>
</div>
</div>
</form>
</div>
<!--label显示的内容/-->
第十二天
1.用户详情
<!--用户详情-->
<resultMap id="selById" type="com.itheima.domain.UserInfo">
<id column="id" property="id"></id>
<result column="email" property="email"></result>
<result column="username" property="username"></result>
<result column="PASSWORD" property="password"></result>
<result column="phoneNum" property="phoneNum"></result>
<result column="STATUS" property="status"></result>
<collection property="roles" ofType="com.itheima.domain.Role">
<id column="rid" property="id"></id>
<result column="roleName" property="roleName"></result>
<result column="roleDesc" property="roleDesc"></result>
<collection property="permissions" ofType="com.itheima.domain.Permission">
<id column="pid" property="id"></id>
<result column="permissionName" property="permissionName"></result>
<result column="url" property="url"></result>
</collection>
</collection>
</resultMap>
<select id="findById" parameterType="java.lang.String" resultType="com.itheima.domain.UserInfo" resultMap="selById">
select u.*,r.*,p.* from users u
left join users_role ur on u.id=ur.userId
left join role r on r.rid=ur.roleId
left join role_permission rp on r.rid=rp.roleId
left join permission p on p.pid=rp.permissionId
where u.id=#{id}
</select>
2.用户添加角色
<div class="box-body">
<form action="${pageContext.request.contextPath}/user/addRoleToUser.do" method="post">
<!-- 数据表格 -->
<div class="table-box">
<input type="hidden" name="userId" value="${userInfo.id}">
<!--数据列表-->
<table id="dataList" class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right:0px;">
<input id="selall" type="checkbox" class="icheckbox_square-blue">
</th>
<th>ID</th>
<th>角色名称</th>
<th>角色描述</th>
</tr>
</thead>
<tbody>
<c:forEach items="${roleList}" var="role">
<tr>
<td><input value="${role.id}" name="ids" type="checkbox"></td>
<td>${role.id }</td>
<td>${role.roleName }</td>
<td>${role.roleDesc }</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--数据列表/-->
<div class="col-md-12 data text-center">
<button onclick="addbtn()" type="submit"class="btn bg-maroon">添加</button>
<button type="button" class="btn bg-default" onclick="history.back(-1);">返回</button>
</div>
</div>
<!-- 数据表格 /-->
</form>
</div>
第十三天
1.角色管理:角色全部查询
<!--数据列表-->
<table id="dataList" class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right:0px;">
<input id="selall" type="checkbox" class="icheckbox_square-blue">
</th>
<th>ID</th>
<th>角色名</th>
<th>角色描述</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<c:forEach items="${roleList}" var="role">
<tr>
<td><input value="${role.id}" name="ids" type="checkbox"></td>
<td>${role.id }</td>
<td>${role.roleName}</td>
<td>${role.roleDesc}</td>
<td class="text-center">
<a href="${pageContext.request.contextPath}/role/findById.do?id=${role.id}" class="btn bg-olive btn-xs">详情</a>
<a href="${pageContext.request.contextPath}/role/findUserByIdAndAllPermission.do?id=${role.id}" class="btn bg-olive btn-xs">添加权限</a>
</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--数据列表/-->
2.角色新建
3.角色删除和批量删除
/**
* 角色批量删除
* @param idStr
* @return
* @throws Exception
*/
@RequestMapping("/deleteByIdStr.do")
public String deleteByIdStr(@RequestParam(value = "idStr",defaultValue = "",required = false)String idStr) throws Exception {
if (idStr != null && idStr != "" && idStr.length()>0){
String[] ids = idStr.split(",");
for (String id : ids) {
System.out.println(id);
roleService.deleteById(id);
}
}
return "redirect:findAll.do";
}
/**
* 角色删除
* @param id
* @return
* @throws Exception
*/
@RequestMapping("/deleteById.do")
public String deleteById(@RequestParam(value = "id",required = false) String id) throws Exception {
roleService.deleteById(id);
return "redirect:findAll.do";
}
4.角色详情
5.资源权限管理:查询全部资源权限
<!--数据列表-->
<table id="dataList" class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right:0px;">
<input id="selall" type="checkbox" class="icheckbox_square-blue">
</th>
<th>ID</th>
<th>权限名</th>
<th>资源路径</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<c:forEach items="${permissionList}" var="permission">
<tr>
<td><input value="${permission.id}" name="ids" type="checkbox"></td>
<td>${permission.id }</td>
<td>${permission.permissionName}</td>
<td>${permission.url}</td>
<td class="text-left">
<a href="${pageContext.request.contextPath}/permission/findById.do?id=${permission.id}" class="btn bg-olive btn-xs">详情</a>
<a onclick="delById('${permission.id}')" class="btn bg-olive btn-xs">删除</a>
</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--数据列表/-->
6.资源权限添加
7.权限删除和批量删除
/**
* 权限批量删除
* @param idStr
* @return
* @throws Exception
*/
@RequestMapping("/deleteByIdStr.do")
public String deleteByIdStr(@RequestParam(value = "idStr",defaultValue = "",required = false)String idStr) throws Exception {
if (idStr != null && idStr != "" && idStr.length()>0){
String[] ids = idStr.split(",");
for (String id : ids) {
System.out.println(id);
permissionService.deleteById(id);
}
}
return "redirect:findAll.do";
}
/**
* 权限删除
* @param id
* @return
*/
@RequestMapping("/deleteById.do")
public String deleteById(String id) throws Exception {
permissionService.deleteById(id);
return "redirect:findAll.do";
}
8.资源权限详情
第十四天
1.角色添加权限
<div class="box-body">
<form action="${pageContext.request.contextPath}/role/addPermissionToRole.do" method="post">
<!-- 数据表格 -->
<div class="table-box">
<input type="hidden" name="roleId" value="${role.id}">
<!--数据列表-->
<table id="dataList" class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right:0px;">
<input id="selall" type="checkbox" class="icheckbox_square-blue">
</th>
<th>ID</th>
<th>权限名称</th>
<th>URL</th>
</tr>
</thead>
<tbody>
<c:forEach items="${permissionList}" var="permission">
<tr>
<td><input value="${permission.id}" name="ids" type="checkbox"></td>
<td>${permission.id }</td>
<td>${permission.permissionName }</td>
<td>${permission.url}</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--数据列表/-->
<div class="col-md-12 data text-center">
<button onclick="addbtn()" type="submit"class="btn bg-maroon">添加</button>
<button type="button" class="btn bg-default" onclick="history.back(-1);">返回</button>
</div>
</div>
<!-- 数据表格 /-->
</form>
</div>
/**
* 添加权限
* @param roleId
* @param permissionIds
* @return
* @throws Exception
*/
@RequestMapping("/addPermissionToRole.do")
public String addPermissionToRole(@RequestParam(value = "roleId") String roleId,@RequestParam(value = "ids",defaultValue = "") String[] permissionIds) throws Exception {
for (String permissionId : permissionIds) {
roleService.addPermissionToRole(roleId,permissionId);
}
return "redirect:findAll.do";
}
2.角色权限控制
根据需求进行权限控制
3.页面权限控制
4.登录页记住我
第十五天
1.创建日志
2.查询全部日志,模糊查询
<!--数据列表-->
<table id="dataList" class="table table-bordered table-striped table-hover dataTable">
<thead>
<tr>
<th class="" style="padding-right:0px;">
<input id="selall" type="checkbox" class="icheckbox_square-blue">
</th>
<th>ID</th>
<th>访问时间</th>
<th>用户名</th>
<th>IP</th>
<th>URL</th>
<th>执行时长</th>
<th>访问方法</th>
</tr>
</thead>
<tbody>
<c:forEach items="${sysLogList}" var="sysLog">
<tr>
<td><input value="${sysLog.id}" name="ids" type="checkbox"></td>
<td>${sysLog.id }</td>
<td>${sysLog.visitTimeStr }</td>
<td>${sysLog.username }</td>
<td>${sysLog.ip}</td>
<td>${sysLog.url }</td>
<td>${sysLog.executionTime }</td>
<td>${sysLog.method }</td>
</tr>
</c:forEach>
</tbody>
</table>
<!--数据列表/-->
3.日志添加
@Component
@Aspect
public class LogAOP {
@Autowired
ISysLogService sysLogService;
@Autowired
private HttpServletRequest request;
private Date visitTime;// 访问时间
private Class clazz;// 访问的类
private Method method;// 访问的方法
//前置通知 主要是获取开始时间,执行的类是哪一个,执行的是哪一个方法
@Before("execution(* com.itheima.web.*.*(..))")
public void doBefore(JoinPoint jp) throws NoSuchMethodException {
//当前时间就是开始访问的时间
visitTime = new Date();
//具体要访问的类
clazz = jp.getTarget().getClass();
//获取访问的方法的名称
String methodName = jp.getSignature().getName();// 获取访问的方法的名称
Object[] args = jp.getArgs();// 获取访问的方法的参数
//获取具体执行的方法的Method对象
if (args == null || args.length == 0) {//无参数
// 只能获取无参数方法
method = clazz.getMethod(methodName);
} else {
// 有参数,就将args中所有元素遍历,获取对应的Class,装入到一个Class[]
Class[] classeArgs = new Class[args.length];
for (int i = 0; i < args.length; i++) {
classeArgs[i] = args[i].getClass();
}
// 获取有参数方法
method = clazz.getMethod(methodName, classeArgs);
}
}
//后置通知
@After("execution(* com.itheima.web.*.*(..))")
public void doAfter(JoinPoint jp) throws Exception {
long time = new Date().getTime() - visitTime.getTime(); //获取访问的时长
String url = "";
//获取url
if (clazz != null && method != null && clazz != LogAOP.class) {
//1.获取类上的@RequestMapping("/orders")
RequestMapping classAnnotation = (RequestMapping) clazz.getAnnotation(RequestMapping.class);
if (classAnnotation != null) {
String[] classValue = classAnnotation.value();
//2.获取方法上的@RequestMapping(xxx)
RequestMapping methodAnnotation = method.getAnnotation(RequestMapping.class);
if (methodAnnotation != null) {
String[] methodValue = methodAnnotation.value();
url = classValue[0] + methodValue[0];
//获取访问的ip
String ip = request.getRemoteAddr();
//获取当前操作的用户
SecurityContext context = SecurityContextHolder.getContext();//从上下文中获了当前登录的用户
User user = (User) context.getAuthentication().getPrincipal();
String username = user.getUsername();
//将日志相关信息封装到SysLog对象
SysLog sysLog = new SysLog();
sysLog.setExecutionTime(time); //执行时长
sysLog.setIp(ip);
sysLog.setMethod("[类名] " + clazz.getName() + "[方法名] " + method.getName());
sysLog.setUrl(url);
sysLog.setUsername(username);
sysLog.setVisitTime(visitTime);
//调用Service完成操作
sysLogService.addSysLog(sysLog);
}
}
}
}
}
