ssm05 角色资源权限及关联操作

一 、角色管理

1、角色查询

（1）角色页面role-list.jsp

请在资料中查看页面详细代码
role-list.jsp

aside.jsp

（2）RoleControlller

@Controller
@RequestMapping("/role")
public class IRoleController {

    @Autowired
    private IRolesService rolesService;
    @RequestMapping("/findAll.do")
    public ModelAndView findAll() throws Exception {
        ModelAndView mv = new ModelAndView();
        List<Role> roleList=  rolesService.findAllRole();
        mv.addObject("roleList",roleList);
        mv.setViewName("role-list");
        return mv;
    }
}

（3）Dao

public interface IRolesDao {
    @Select("Select * from ssmRole")
    List<Role> findAllRole() throws Exception;
}

2、角色添加

（1）角色添加页面role-add.jsp

role-add.jsp

<form action="${pageContext.request.contextPath}/role/save.do">
...
<form/>

role-show.jsp

请在页面中查看详细代码

（2）RoleControllle

@Controller
@RequestMapping("/role")
public class IRoleController {

    @Autowired
    private IRolesService rolesService;
    @RequestMapping("/findAll.do")
    public ModelAndView findAll() throws Exception {
        ModelAndView mv = new ModelAndView();
        List<Role> roleList=  rolesService.findAllRole();
        mv.addObject("roleList",roleList);
        mv.setViewName("role-list");
        return mv;
    }

    @RequestMapping("/save.do")
    public String save(Role role) throws Exception {
        rolesService.save(role);
        return "redirect:findAll.do";
    }
}

（3）Dao

public interface IRolesDao {
    /**
     * private String roleName;
     * private String roleDesc;
     * @param role
     */
    @Insert("insert into ssmRole(roleName,roleDesc) values(#{roleName},#{roleDesc})")
    void save(Role role);
}

二、资源权限管理

1、资源权限查询

（1）权限资源页面permission-list.jsp

aside.jsp

permission-list.jsp

请在资料中查看页面详细代码

（2）PermissionController

@Controller
@RequestMapping("/permission")
public class PermissionController {
    @Autowired
    private IPermissionService permissionService;
    @RequestMapping("/findAll.do")
    public ModelAndView findAll() throws Exception {
        ModelAndView mv = new ModelAndView();
        List<Permission> permissionList= permissionService.findAll();
        mv.addObject("permissionList",permissionList);
        mv.setViewName("permission-list");
        return mv;
    }
}

（3）Dao

public interface IPermissionDao {

    @Select("select * from ssmpermission")
    List<Permission> findAll() throws Exception;
}

2、资源权限添加

（1）资源权限添加页面permission-add.jsp

permission-list.jsp


permission-add.jsp

<form action="${pageContext.request.contextPath}/permission/save.do">
...
<form/>

请在资料中查看页面详细代码

（2）PermissionController

@Controller
@RequestMapping("/permission")
public class PermissionController {
    @Autowired
    private IPermissionService permissionService;
    @RequestMapping("/findAll.do")
    public ModelAndView findAll() throws Exception {
        ModelAndView mv = new ModelAndView();
        List<Permission> permissionList= permissionService.findAll();
        mv.addObject("permissionList",permissionList);
        mv.setViewName("permission-list");
        return mv;
    }

    @RequestMapping("/save.do")
    public String save(Permission permission) throws Exception {
        permissionService.save(permission);
        return "redirect:findAll.do";
    }
}

（3）Dao

@Repository
public interface IPermissionDao {
    @Select("select * from ssmpermission")
    List<Permission> findAll() throws Exception;
    
    /*
        private String permissionName;
    	private String url;
	*/
    @Insert("insert into ssmpermission(permissionName,url) values(#{permissionName},#{url})")
    void save(Permission permission) throws Exception;
}

三、 用户角色关联

用户与角色之间是多对多关系，我们要建立它们之间的关系，只需要在中间表user_role插入数据即可。

1、用户角色关联相关页面

在user-list.jsp页面上添加链接，查询出用户id没有的角色list展示出来。

<a href="${pageContext.request.contextPath}/user/findUserByIdAndAllRole.do?id=${user.id}"
class="btn bg-olive btn-xs">添加角色</a>

展示可以添加角色的页面user-roe-add.jsp

提交：选中角色id和用户id添加到user_role表中。

请在资料中查看页面详细代码

2、UserController

findUserByIdAndAllRole(String id)方法,此方法用于查找要操作的用户及可以添加的角色，参数是要操作的用户id

@Controller
@RequestMapping("/user")
public class UserController {
    @Autowired
    private IUserService userService;
    
	@Autowired
	private IRolesService rolesService;

	//查找
	@RequestMapping("/findUserByIdAndAllRole.do")
    public ModelAndView findUserByIdAndAllRole(String id) throws Exception{
        ModelAndView mv = new ModelAndView();

        mv.addObject("id",id);

        List<Role> otherRoles = rolesService.findOtherRoles(id);
        mv.addObject("roleList",otherRoles);

        mv.setViewName("user-role-add");

        return mv;
    }
	//添加
    @RequestMapping("/addRoleToUser.do")
    public String addRoleToUser(String userId,String[] ids) throws Exception {

        System.out.println("add:"+userId);
        userService.addRoleToUser(userId,ids);
        return "redirect:findAll.do";
    }
}

addRoleToUser(String userId,String[] ids)方法 用于在用户与角色之间建立关系，参数userId代表要操作的用户id,参数ids代表的是角色id数组

3、UserService处理数组ids

    /**
     * 根据用户id和角色id 将对应关系存入用户角色表
     * @param userId
     * @param ids
     * @throws Exception
     */
    @Override
    public void addRoleToUser(String userId, String[] ids) throws Exception {
        for(String roleId:ids){
            userDao.addRoleToUser(userId,roleId);
        }
    }

4、Dao

IRoleDao
用于查找可以添加的角色

public interface IRolesDao {
    @Select("Select * from ssmRole where id not in " +
            "(select roleId from users_role where userId = #{uid})")
    List<Role> findOtherRoles(String uid) throws Exception;
}

IUserDao

/**
 * 根据用户id和角色id 将对应关系存入用户角色表
 * @param userId
 * @param roleId
 */
@Insert("insert into users_role(userId,roleId) values(#{userId},#{roleId})")
void addRoleToUser(@Param("userId") String userId,@Param("roleId") String roleId) throws Exception;

四、角色权限关联

角色与权限之间是多对多关系，我们要建立它们之间的关系，只需要在中间表role_permission插入数据即可

1、 角色权限关联相关页面

在role-list.jsp页面上添加链接

查找出该角色没有的权限，展示出来
展示可以添加权限的页面roe-permission-add.jsp

提交：传递选中角色id和权限id，添加到role_premission

2、RoleController

@Controller
@RequestMapping("/role")
public class IRoleController {

    @Autowired
    private IRolesService rolesService;
    
    
    /**
     * 根据角色的id查询出角色没有的权限，展示出来
     * @param id
     * @return
     * @throws Exception
     */
    @Autowired
    private IPermissionService permissionService;
    @RequestMapping("/findRoleByIdAndAllPermission.do")
    public ModelAndView findRoleByIdAndAllPermission(String id) throws Exception{
        ModelAndView mv = new ModelAndView();
        mv.addObject("role",id);
        List<Permission> permissionList = permissionService.findOtherRoles(id);
        mv.addObject("permissionList",permissionList);
        mv.setViewName("role-permission-add");
        return mv;
    }
    /*
    	通过角色id和权限id关联
	*/
    @RequestMapping("/addPermissionToRole.do")
    public String addPermissionToRole(String roleId,String[] ids) throws Exception {
        rolesService.addPermissionToRole(roleId,ids);
        return "redirect:findAll.do";
    }
}

3、RoleService处理数组ids

@Override
public void addPermissionToRole(String roleId, String[] ids) throws Exception {
    System.out.println(ids.length);
    for (String permissionId : ids) {
        rolesDao.addPermissionToRole(permissionId,roleId);
    }
}

4、Dao

IPermissionDao

    /**
     * 关联角色和资源权限
     * @param id
     * @return
     * @throws Exception
     */
    @Select("select * from ssmpermission where id not in " +
            "(select permissionId from role_permission where roleId = #{id})")
    List<Permission> findOtherRoles(String id) throws Exception;

IRolesDao

    @Insert("insert into role_permission(permissionId,roleId) " +
            "values(#{permissionId},#{roleId})")
    void addPermissionToRole(@Param("permissionId") String permissionId,@Param("roleId") String roleId) throws Exception;