文章目录
用户关联角色
查询用户可以添加的角色
Controller
//查询用户以及用户可以添加的角色
@RequestMapping("/findUserByIdAndAllRole.do")
public ModelAndView findUserByIdAndAllRole(@RequestParam(name = "id", required = true) String userid) throws Exception {
ModelAndView mv = new ModelAndView();
//1.根据用户id查询用户
UserInfo userInfo = userService.findById(userid);
//2.根据用户id查询可以添加的角色
List<Role> otherRoles = userService.findOtherRoles(userid);
mv.addObject("user", userInfo);
mv.addObject("roleList", otherRoles);
mv.setViewName("user-role-add");
return mv;
}
Servic.
List<Role> findOtherRoles(String userId) throws Exception;
Serviceimpl.
@Override
public List<Role> findOtherRoles(String userId) {
return userDao.findOtherRoles(userId);
}
Dao.
@Select("select * from role where id not in (select roleId from users_role where userId=#{userId})")
List<Role> findOtherRoles(String userId);
添加角色
Controller
//给用户添加角色
@RequestMapping("/addRoleToUser.do")
public String addRoleToUser(@RequestParam(name = "userId", required = true) String userId, @RequestParam(name = "ids", required = true) String[] roleIds) {
userService.addRoleToUser(userId, roleIds);
return "redirect:findAll.do";
}
Service
void addRoleToUser(String userId, String[] roleIds);
ServiceImpl
@Override
public void addRoleToUser(String userId, String[] roleIds) {
for(String roleId:roleIds){
userDao.addRoleToUser(userId,roleId);
}
}
Dao
@Insert("insert into users_role(userId,roleId) values(#{userId},#{roleId})")
void addRoleToUser(@Param("userId") String userId, @Param("roleId") String roleId);
角色关联权限
先查询点击的角色,在查询根据点击的角色查询出可以添加的权限,在进行添加
Controller
//给角色添加权限
@RequestMapping("/addPermissionToRole.do")
public String addPermissionToRole(@RequestParam(name = "roleId", required = true) String roleId, @RequestParam(name = "ids", required = true) String[] permissionIds) throws Exception {
roleService.addPermissionToRole(roleId, permissionIds);
return "redirect:findAll.do";
}
//根据roleId查询role,并查询出可以添加的权限
@RequestMapping("/findRoleByIdAndAllPermission.do")
public ModelAndView findRoleByIdAndAllPermission(@RequestParam(name = "id", required = true) String roleId) throws Exception {
ModelAndView mv = new ModelAndView();
//根据roleId查询role
Role role = roleService.findById(roleId); //先查询出点击的是哪个Role对象
//根据roleId查询可以添加的权限 //在根据Use对象找到可以添加的权限
List<Permission> otherPermissions = roleService.findOtherPermissions(roleId);
mv.addObject("role", role);
mv.addObject("permissionList", otherPermissions);
mv.setViewName("role-permission-add");
return mv;
}
Service
Role findById(String roleId) throws Exception;
List<Permission> findOtherPermissions(String roleId) throws Exception;
void addPermissionToRole(String roleId, String[] permissionIds) throws Exception;
ServiceImpl
@Override
public void addPermissionToRole(String roleId, String[] permissionIds) {
for(String permissionId:permissionIds){
roleDao.addPermissionToRole(roleId,permissionId);
}
}
@Override
public Role findById(String roleId) {
return roleDao.findById(roleId);
}
@Override
public List<Permission> findOtherPermissions(String roleId) {
return roleDao.findOtherPermissions(roleId);
}
Dao
@Select("select * from role where id=#{roleId}")
@Results({
@Result(id = true,property = "id",column = "id"),
@Result(property = "roleName",column = "roleName"),
@Result(property = "roleDesc",column = "roleDesc"),
@Result(property = "permissions",column = "id",javaType = java.util.List.class,many = @Many(select = "com.itheima.ssm.dao.IPermissionDao.findPermissionByRoleId"))
})
Role findById(String roleId);
@Select("select * from permission where id not in (select permissionId from role_permission where roleId=#{roleId})")
List<Permission> findOtherPermissions(String roleId);
@Insert("insert into role_permission(roleId,permissionId) values(#{roleId},#{permissionId})")
void addPermissionToRole(@Param("roleId") String roleId, @Param("permissionId") String permissionId);
权限控制
