RBAC是业界普遍采用的授权方式,它有两种解释:
Role-Based Access Control
基于角色的访问控制,即按角色进行授权
Resource-Based Access Control
基于资源的访问控制,即按资源(或权限)进行授权
数据库使用 MySQL。
下面是用户表、用户_角色中间表、角色表、角色_权限中间表、权限表的建表 SQL 及初始数据,随后是对应的 Java 实体类:
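-- Administrator accounts: the "user" side of the RBAC model.
-- NOTE(security): `password` should hold the output of a salted, slow
-- password hash (for example bcrypt or Argon2), never the plaintext.
-- varchar(255) is wide enough for such hashes.
DROP TABLE IF EXISTS `admin`;
CREATE TABLE `admin` (
    `aid` int(32) NOT NULL AUTO_INCREMENT,
    `email` varchar(50) DEFAULT NULL,
    `username` varchar(50) DEFAULT NULL,
    `password` varchar(255) DEFAULT NULL,
    `phoneNum` varchar(20) DEFAULT NULL,
    `status` tinyint(1) DEFAULT NULL,  -- 1 = enabled, 0 = disabled
    PRIMARY KEY (`aid`),
    UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB AUTO_INCREMENT=10 DEFAULT CHARSET=utf8;

-- Seed accounts for the demo.
-- The page showed the same obfuscated e-mail value for both rows, which
-- would make the second INSERT fail on UNIQUE KEY `email`. The addresses
-- below are constructed placeholders, not the original values.
-- The password values are plaintext demo data kept as on the page; replace
-- them with hashes produced by the application's password encoder, and do
-- not ship these default credentials.
INSERT INTO `admin` (`aid`, `email`, `username`, `password`, `phoneNum`, `status`)
VALUES
    (1, 'admin1@example.com', 'admin1', 'admin1', '15415344180', 1),
    (9, 'admin2@example.com', 'admin2', 'admin2', '15946505545', 1);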
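-- Junction table: which roles each administrator holds (many-to-many).
-- The key columns use int(32) to match `admin`.`aid` and `role`.`rid`;
-- with varchar keys every join compares a string to an integer, which
-- forces implicit conversion and can hide malformed ids.
-- Foreign keys are not declared here because `role` is created later in
-- this script; add them in a follow-up migration if referential integrity
-- should be enforced by the database.
DROP TABLE IF EXISTS `admin_role`;
CREATE TABLE `admin_role` (
    `aid` int(32) NOT NULL,
    `rid` int(32) NOT NULL,
    PRIMARY KEY (`aid`, `rid`)  -- one row per (admin, role) pair
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

-- Seed grants: admin 1 holds roles 1 and 5, admin 9 holds role 5.
INSERT INTO `admin_role` (`aid`, `rid`)
VALUES
    (1, 1),
    (1, 5),
    (9, 5);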
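-- Permissions: the individual resources that access is granted to.
-- In the seed data `permissionDesc` holds a path such as '/sys/admin';
-- presumably the application matches requests against it (confirm in the
-- authorization code, which is not part of this script).
DROP TABLE IF EXISTS `permission`;
CREATE TABLE `permission` (
    `pid` int(32) NOT NULL AUTO_INCREMENT,
    `permissionName` varchar(50) DEFAULT NULL,
    `permissionDesc` varchar(50) DEFAULT NULL,
    PRIMARY KEY (`pid`)
) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=utf8;

-- Seed permissions; explicit column lists keep the inserts valid if
-- columns are added or reordered later.
INSERT INTO `permission` (`pid`, `permissionName`, `permissionDesc`)
VALUES
    (1, '系统-管理员', '/sys/admin'),
    (2, '系统-角色', '/sys/role'),
    (3, '系统-权限', '/sys/permission'),
    (9, '故事-足迹', '/story/track');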
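-- Roles: named groups of permissions that are assigned to administrators.
DROP TABLE IF EXISTS `role`;
CREATE TABLE `role` (
    `rid` int(32) NOT NULL AUTO_INCREMENT,
    `roleName` varchar(50) DEFAULT NULL,
    `roleDesc` varchar(50) DEFAULT NULL,
    PRIMARY KEY (`rid`)
) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8;

-- Seed roles: 1 = system administrator, 5 = story administrator.
INSERT INTO `role` (`rid`, `roleName`, `roleDesc`)
VALUES
    (1, '系统管理员', '进行系统管理'),
    (5, '故事管理员', '进行故事管理');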
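-- Junction table: which permissions each role grants (many-to-many).
-- Both columns are NOT NULL and form the primary key, as in `admin_role`.
-- Without that, the table accepts NULL ids and duplicate grants, and a
-- duplicated row can survive a single-row revoke.
-- The columns use int(32) to match `role`.`rid` and `permission`.`pid`.
DROP TABLE IF EXISTS `role_permission`;
CREATE TABLE `role_permission` (
    `rid` int(32) NOT NULL,
    `pid` int(32) NOT NULL,
    PRIMARY KEY (`rid`, `pid`)  -- one row per (role, permission) pair
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

-- Seed grants: role 1 gets permissions 1-3, role 5 gets permission 9.
INSERT INTO `role_permission` (`rid`, `pid`)
VALUES
    (1, 1),
    (1, 2),
    (1, 3),
    (5, 9);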
/**
 * Administrator account entity; its persistent fields correspond to the
 * columns of the `admin` table.
 *
 * NOTE(review): if @Data is Lombok's, the generated toString() and getters
 * include {@code password}. Avoid logging instances or returning them
 * directly in API responses. Confirm how this class is serialized.
 */
@Data
public class Admin implements Serializable {
@TableId
private Integer aid; // primary key
private String username;// user name
private String password;// password; should hold a password hash, not plaintext
private String email;// e-mail address
private String phoneNum;// phone number
private boolean status; // status: true = enabled, false = disabled
@TableField(exist = false) // not a database column
// Roles held by this admin.
// NOTE(review): raw List; the element type is presumably Role, confirm and parameterize.
private List roles; // role collection
}
/**
 * Role entity; its persistent fields correspond to the columns of the
 * `role` table. A role groups the permissions granted to its holders.
 */
@Data
public class Role implements Serializable {
@TableId
private Integer rid; // primary key
private String roleName; // role name
private String roleDesc; // role description
@TableField(exist = false) // not a database column
// Permissions granted by this role.
// NOTE(review): raw List; the element type is presumably Permission, confirm and parameterize.
private List permissions;// permission collection
}
/**
 * Permission entity; its fields correspond to the columns of the
 * `permission` table.
 */
@Data
public class Permission implements Serializable {
@TableId
private Integer pid; // primary key
private String permissionName; // permission name
// Permission details; the seed rows store a path here (e.g. /sys/admin).
// NOTE(review): presumably the resource path checked at authorization time, confirm.
private String permissionDesc;// permission details
}