springboot整合shiro,mybatis-plus实现用户角色,权限管控.(完整demo)
shiro是轻量级的权限管控框架.很早前就接触过.不过一直没有实现了,因为本人不太容易理解权限,角色,用户(太抽像了0.0).最近几天又想起来这个shiro,所以又研究了一下.没想到实现了(哈哈哈....).话不多说了.直接上代码.
目录结构:
pom.xml配置
org.springframework.boot
spring-boot-starter-web
com.google.guava
guava
com.jdcloud.sdk
sms
1.2.0
org.apache.shiro
shiro-spring
1.4.0
org.mybatis.spring.boot
mybatis-spring-boot-starter
2.0.1
mysql
mysql-connector-java
runtime
com.baomidou
mybatis-plus-boot-starter
3.1.0
com.alibaba
druid
1.1.6
org.springframework.boot
spring-boot-starter-test
test
org.junit.vintage
junit-vintage-engine
org.projectlombok
lombok
true
org.apache.spark
spark-sql_2.11
2.2.0
org.apache.spark
spark-mllib_2.11
2.2.0
org.apache.spark
spark-hive_2.11
2.2.0
com.google.guava
guava
14.0.1
application.properties
server.port=2080
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/work?serverTimezone=UTC
spring.datasource.username=root
spring.datasource.password=root
# xml扫描,多个目录用逗号或者分号分隔(告诉 Mapper 所对应的 XML 文件位置)
mybatis-plus.mapper-locations=classpath:mapper/*.xml
# 主键类型 AUTO:"数据库ID自增" INPUT:"用户输入ID",ID_WORKER:"全局唯一ID (数字类型唯一ID)", UUID:"全局唯一ID UUID";
mybatis-plus.global-config.db-config.id-type=auto
mybatis-plus.global-config.db-config.db-type=mysql
# 是否开启自动驼峰命名规则映射:从数据库列名到Java属性驼峰命名的类似映射
mybatis-plus.configuration.map-underscore-to-camel-case=true
mybatis-plus.configuration.log-impl=org.apache.ibatis.logging.stdout.StdOutImpl
MyBatisPlusConfig.java
package com.example.demo.cofig;
import com.baomidou.mybatisplus.extension.plugins.PaginationInterceptor;
import com.baomidou.mybatisplus.extension.plugins.PerformanceInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class MybatisPlusConfig {
/**
* mybatis-plus SQL执行效率插件
*/
@Bean
public PerformanceInterceptor performanceInterceptor() {
return new PerformanceInterceptor();
}
/**
* 分页插件
*/
@Bean
public PaginationInterceptor paginationInterceptor() {
return new PaginationInterceptor();
}
}
ShiroConfig.java
package com.example.demo.shiro.config;
import com.example.demo.shiro.realm.CustomRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.HashMap;
import java.util.Map;
/**
* shiro的配置类
*/
@Configuration
public class ShiroConfig {
@Bean
@ConditionalOnMissingBean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator defaultAAP = new DefaultAdvisorAutoProxyCreator();
defaultAAP.setProxyTargetClass(true);
return defaultAAP;
}
@Bean
public CustomRealm shiroRealm() {
CustomRealm customRealm = new CustomRealm();
return customRealm;
}
@Bean
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(shiroRealm());
return securityManager;
}
/**
* 拦截
* @param securityManager
* @return
*/
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
Map map = new HashMap<>();
// 退出登录
map.put("/logout", "logout");
map.put("/**", "authc");
// 登录
shiroFilterFactoryBean.setLoginUrl("/login");
// 首页
shiroFilterFactoryBean.setSuccessUrl("/index");
shiroFilterFactoryBean.setUnauthorizedUrl("/error");
shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
return shiroFilterFactoryBean;
}
/**
* 交给spring容器管理
* @param securityManager
* @return
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
}
定义的Realm类
package com.example.demo.shiro.realm;
import com.example.demo.shiro.bean.Permissions;
import com.example.demo.shiro.bean.Role;
import com.example.demo.shiro.bean.User;
import com.example.demo.shiro.service.LoginService;
import com.example.demo.shiro.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
/**
* shiro 的 Realm类
*/
public class CustomRealm extends AuthorizingRealm {
@Autowired
private LoginService loginService;
@Autowired
private UserService userService;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
String name = (String) principalCollection.getPrimaryPrincipal();
User user = loginService.getUserByName(name);
// User userInfo = userService.getUserByName(name);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (Role role : user.getRoles()){
info.addRole(role.getRoleName());
for (Permissions permissions : role.getPermissions()){
info.addStringPermission(permissions.getPermissionsName());
}
}
return info;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
if(authenticationToken.getPrincipal() == null){
return null;
}
String name = authenticationToken.getPrincipal().toString();
User user = loginService.getUserByName(name);
if(null == user){
return null;
} else {
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(name, user.getPassWord(), getName());
return info;
}
}
}
与数据库对应的一些实体:
UserInfo
package com.example.demo.shiro.bean.po;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 用户 与数据库对应
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
// @TableName中的值对应着表名
@TableName("user")
public class UserInfo {
/**
* ID
*/
@TableId(type = IdType.AUTO)
private Long id;
/**
* 用户名
*/
private String userName;
/**
* 密码
*/
private String passWord;
}
UserRoleInfo
package com.example.demo.shiro.bean.po;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 用户角色中间为 与数据库对应
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
// @TableName中的值对应着表名
@TableName("user_role")
public class UserRoleInfo {
/**
* ID
*/
@TableId(type = IdType.AUTO)
private Long id;
/**
* 用户ID
*/
private Long userId;
/**
* 角色ID
*/
private Long roleId;
}
RoleInfo
package com.example.demo.shiro.bean.po;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 角色类 与数据库对应
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
// @TableName中的值对应着表名
@TableName("role")
public class RoleInfo {
/**
* 角色ID
*/
private Long id;
/**
* 角色名称
*/
private String roleName;
}
RolePermissionsInfo
package com.example.demo.shiro.bean.po;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 角色与权限中间类 与数据库对应
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
// @TableName中的值对应着表名
@TableName("role_permissions")
public class RolePermissionsInfo {
/**
* ID
*/
@TableId(type = IdType.AUTO)
private Long id;
/**
* 角色ID
*/
private Long roleId;
/**
* 权限ID
*/
private Long permissionsId;
}
PermissionsInfo
package com.example.demo.shiro.bean.po;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 权限类,与数据库是对应的
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
// @TableName中的值对应着表名
@TableName("permissions")
public class PermissionsInfo {
/**
* ID
*/
@TableId(type = IdType.AUTO)
private Long id;
/**
* 权限名称
*/
private String permissionsName;
}
业务传递实体
User
package com.example.demo.shiro.bean;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.Set;
/**
* 用户 传递使用
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class User {
/**
* ID
*/
private Long id;
/**
* 用户名(登录名) 唯一
*/
private String userName;
/**
* 密码
*/
private String passWord;
/**
* 用户对应的角色集合
*/
private Set roles;
}
UserRole
package com.example.demo.shiro.bean;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 用户和角色 传递使用
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class UserRole {
/**
* ID
*/
private Long id;
/**
* 用户ID
*/
private Long userId;
/**
* 角色ID
*/
private Long roleId;
}
Role
package com.example.demo.shiro.bean;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import java.util.Set;
/**
* 角色类 传递使用
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class Role {
/**
* ID
*/
private Long id;
/**
* 角色名称
*/
private String roleName;
/**
* 角色对应权限集合
*/
private Set permissions;
}
RolePermissions
package com.example.demo.shiro.bean;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 角色与权限中间的类
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class RolePermissions {
/**
* ID
*/
private Long id;
/**
* 角色ID
*/
private Long roleId;
/**
* 权限ID
*/
private Long permissionsId;
}
Permissions
package com.example.demo.shiro.bean;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* 权限类 传递使用
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class Permissions {
/**
* 主键ID
*/
private Long id;
/**
* 权限名
*/
private String permissionsName;
}
dao层
UserDao
package com.example.demo.shiro.dao;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.demo.shiro.bean.po.UserInfo;
public interface UserDao extends BaseMapper {
UserInfo selectUserByName(String name);
}
UserRoleDao
package com.example.demo.shiro.dao;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.demo.shiro.bean.UserRole;
import com.example.demo.shiro.bean.po.UserRoleInfo;
import java.util.List;
public interface UserRoleDao extends BaseMapper {
List getByUserId(Long userId);
}
RoleDao
package com.example.demo.shiro.dao;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.demo.shiro.bean.po.RoleInfo;
import java.util.List;
public interface RoleDao extends BaseMapper {
List selectByUserId(Long userId);
}
RolePermissionsDao
package com.example.demo.shiro.dao;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.demo.shiro.bean.po.RolePermissionsInfo;
import java.util.List;
public interface RolePermissionsDao extends BaseMapper {
List selectByRoleId(Long roleId);
}
PermissionsDao
package com.example.demo.shiro.dao;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.example.demo.shiro.bean.po.PermissionsInfo;
public interface PermissionsDao extends BaseMapper {
}
service层
我把接口和实现类写在一起了.如果开发项目就按规范的来
LoginService
package com.example.demo.shiro.service;
import com.example.demo.shiro.bean.User;
public interface LoginService {
User getUserByName(String userName);
}
LoginServiceImpl
package com.example.demo.shiro.service;
import com.example.demo.shiro.bean.Permissions;
import com.example.demo.shiro.bean.Role;
import com.example.demo.shiro.bean.User;
import com.example.demo.shiro.bean.po.PermissionsInfo;
import com.example.demo.shiro.bean.po.RoleInfo;
import com.example.demo.shiro.bean.po.RolePermissionsInfo;
import com.example.demo.shiro.bean.po.UserRoleInfo;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@Service
public class LoginServiceImpl implements LoginService {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@Autowired
private PermissionsService permissionsService;
@Autowired
private UserRoleService userRoleService;
@Autowired
private RolePermissionsService rolePermissionsService;
/**
* 根据用户名查询用户 用户名唯一
* @param userName
* @return
*/
@Override
public User getUserByName(String userName) {
User user = getMapByName(userName);
return user;
}
/**
* 根据用户名查询用户
* @param userName
* @return
*/
private User getMapByName(String userName){
User user2 = userService.getUserByName(userName);
List userRoleList = userRoleService.getByUserId(user2.getId());
Set roleInfoSet = new HashSet<>();
for (UserRoleInfo userRole : userRoleList) {
Role role = new Role();
RoleInfo roleInfo = roleService.getById(userRole.getRoleId());
BeanUtils.copyProperties(roleInfo, role);
Set permissionsSet = new HashSet<>();
List rolePermissionsInfoList = rolePermissionsService.getByRoleId(roleInfo.getId());
for (RolePermissionsInfo rolePermissionsInfo : rolePermissionsInfoList) {
Permissions permissions = new Permissions();
PermissionsInfo permissionsInfo = permissionsService.getById(rolePermissionsInfo.getPermissionsId());
BeanUtils.copyProperties(permissionsInfo, permissions);
permissionsSet.add(permissions);
}
role.setPermissions(permissionsSet);
roleInfoSet.add(role);
}
user2.setRoles(roleInfoSet);
return user2;
}
}
UserService
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.example.demo.shiro.bean.User;
import com.example.demo.shiro.bean.po.UserInfo;
public interface UserService extends IService {
User getUserByName(String name);
}
UserServiceImpl
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.demo.shiro.bean.User;
import com.example.demo.shiro.bean.po.UserInfo;
import com.example.demo.shiro.dao.UserDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@Service
@Transactional
public class UserServiceImpl extends ServiceImpl implements UserService{
@Autowired
private UserDao userDao;
@Override
public User getUserByName(String name) {
User user = new User();
UserInfo userInfo = userDao.selectUserByName(name);
user.setId(userInfo.getId());
user.setPassWord(userInfo.getPassWord());
user.setUserName(userInfo.getUserName());
// user.setRoles();
return user;
}
}
UserRoleService
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.example.demo.shiro.bean.UserRole;
import com.example.demo.shiro.bean.po.UserRoleInfo;
import java.util.List;
public interface UserRoleService extends IService {
List getByUserId(Long userId);
}
UserRoleServiceImpl
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.demo.shiro.bean.UserRole;
import com.example.demo.shiro.bean.po.UserRoleInfo;
import com.example.demo.shiro.dao.UserRoleDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
@Service
@Transactional
public class UserRoleServiceImpl extends ServiceImpl implements UserRoleService{
@Autowired
private UserRoleDao userRoleDao;
@Override
public List getByUserId(Long userId) {
return userRoleDao.getByUserId(userId);
}
}
RoleService
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.example.demo.shiro.bean.po.RoleInfo;
import java.util.List;
public interface RoleService extends IService {
List getByUserId(Long id);
}
RoleServiceImpl
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.demo.shiro.bean.po.RoleInfo;
import com.example.demo.shiro.dao.RoleDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
@Service
@Transactional
public class RoleServiceImpl extends ServiceImpl implements RoleService{
@Autowired
private RoleDao roleDao;
@Override
public List getByUserId(Long userId) {
List roleInfoList = roleDao.selectByUserId(userId);
return roleInfoList;
}
}
RolePermissionsService
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.example.demo.shiro.bean.po.RolePermissionsInfo;
import java.util.List;
public interface RolePermissionsService extends IService {
List getByRoleId(Long roleId);
}
RolePermissionsServiceImpl
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.demo.shiro.bean.po.RolePermissionsInfo;
import com.example.demo.shiro.dao.RolePermissionsDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
@Service
@Transactional
public class RolePermissionsServiceImpl extends ServiceImpl implements RolePermissionsService{
@Autowired
private RolePermissionsDao rolePermissionsDao;
@Override
public List getByRoleId(Long roleId) {
return rolePermissionsDao.selectByRoleId(roleId);
}
}
PermissionsService
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.example.demo.shiro.bean.po.PermissionsInfo;
public interface PermissionsService extends IService {
}
PermissionsServiceImpl
package com.example.demo.shiro.service;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.example.demo.shiro.bean.po.PermissionsInfo;
import com.example.demo.shiro.dao.PermissionsDao;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@Service
@Transactional
public class PermissionsServiceImpl extends ServiceImpl implements PermissionsService{
}
启动类
package com.example.demo;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
@MapperScan(basePackages = {"com.example.demo.shiro.dao"}) //扫描DAO
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
}
Mapper文件
UserDao.xml
UserRoleDao.xml
RoleDao.xml
RolePermissionsDao.xml
PermissionsDao.xml
sql文件
sql设计的比较简单
/*
SQLyog Professional v12.09 (64 bit)
MySQL - 5.7.29 : Database - work
*********************************************************************
*/
/*!40101 SET NAMES utf8 */;
/*!40101 SET SQL_MODE=''*/;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
CREATE DATABASE /*!32312 IF NOT EXISTS*/`work` /*!40100 DEFAULT CHARACTER SET utf8 */;
USE `work`;
/*Table structure for table `permissions` */
DROP TABLE IF EXISTS `permissions`;
CREATE TABLE `permissions` (
`id` bigint(10) NOT NULL AUTO_INCREMENT,
`permissions_name` varchar(20) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;
/*Data for the table `permissions` */
insert into `permissions`(`id`,`permissions_name`) values (1,'query'),(2,'add'),(3,'delete'),(4,'detail'),(5,'update'),(6,'list');
/*Table structure for table `product` */
DROP TABLE IF EXISTS `product`;
CREATE TABLE `product` (
`id` varchar(255) NOT NULL COMMENT '主键id',
`title` varchar(255) DEFAULT NULL,
`price` varchar(255) DEFAULT NULL,
`producturl` varchar(255) DEFAULT NULL,
`pic` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
/*Data for the table `product` */
/*Table structure for table `role` */
DROP TABLE IF EXISTS `role`;
CREATE TABLE `role` (
`id` bigint(10) NOT NULL AUTO_INCREMENT,
`role_name` varchar(20) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8;
/*Data for the table `role` */
insert into `role`(`id`,`role_name`) values (1,'bronze'),(2,'silver'),(3,'gold'),(4,'diamond'),(5,'king');
/*Table structure for table `role_permissions` */
DROP TABLE IF EXISTS `role_permissions`;
CREATE TABLE `role_permissions` (
`id` bigint(10) NOT NULL AUTO_INCREMENT,
`role_id` bigint(10) NOT NULL,
`permissions_id` bigint(10) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=utf8;
/*Data for the table `role_permissions` */
insert into `role_permissions`(`id`,`role_id`,`permissions_id`) values (1,1,1),(2,1,2),(4,2,2),(5,2,3),(6,2,4),(7,3,2),(8,3,4),(9,3,5),(10,5,5);
/*Table structure for table `user` */
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user` (
`id` bigint(10) NOT NULL AUTO_INCREMENT,
`user_name` varchar(50) DEFAULT NULL,
`pass_word` varchar(50) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8;
/*Data for the table `user` */
insert into `user`(`id`,`user_name`,`pass_word`) values (1,'zhangsan','123456'),(2,'lisi','123456'),(3,'wangwu','123456'),(4,'abc','123456'),(5,'huangjin','123456');
/*Table structure for table `user_role` */
DROP TABLE IF EXISTS `user_role`;
CREATE TABLE `user_role` (
`id` bigint(10) NOT NULL AUTO_INCREMENT,
`user_id` bigint(10) NOT NULL,
`role_id` bigint(10) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8;
/*Data for the table `user_role` */
insert into `user_role`(`id`,`user_id`,`role_id`) values (1,1,1),(2,1,2),(3,2,1),(4,2,2),(6,3,4),(7,4,1),(8,5,3);
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
代码上完了.看一下启动测试.使用postman来测试
首先测试权限级别的: @RequiresPermissions("xxx")
- 未登录的情况下访问接口
- 使用"zhangsan"用户登录
"zhangsan" 用户是拥有id为1,2,3,4的权限
add的权限
detail权限
detail权限
update权限,因为"zhangsan"用户没有update权限.所以应该是报错
下面测试角色级别的:@RequiresRoles("xxx")
换一个"huangjin"用户登录
访问黄金角色的接口,结果是OK的
再访问青铜的接口,提示没有权限,并且后台也报错了
============================================================================================
第一次写博客,纯手打,复制,粘图.太不易了.希望能帮到各位.
============================================================================================
如有不合理的请留言指出,共同学习下.谢谢!!!
============================================================================================
原创文章,转载注明出处!