详解spring整合shiro权限管理与数据库设计
程序员文章站
2024-02-13 15:16:58
之前的文章中我们完成了基础框架的搭建,现在基本上所有的后台系统都逃不过权限管理这一块,这算是一个刚需了。现在我们来集成shiro来达到颗粒化权限管理,也就是从连接菜单到页面...
之前的文章中我们完成了基础框架的搭建,现在基本上所有的后台系统都逃不过权限管理这一块,这算是一个刚需了。现在我们来集成shiro来达到颗粒化权限管理,也就是从连接菜单到页面功能按钮,都进行权限都验证,从前端按钮的显示隐藏,到后台具体功能方法的权限验证。
首先要先设计好我们的数据库,先来看一张比较粗糙的数据库设计图:
具体的数据库设计代码
/*
navicat mysql data transfer
source server : 本机
source server version : 50537
source host : localhost:3306
source database : task
target server type : mysql
target server version : 50537
file encoding : 65001
date: 2017-01-19 09:58:27
*/
set foreign_key_checks=0;
-- ----------------------------
-- table structure for sys_authority
-- ----------------------------
drop table if exists `sys_authority`;
create table `sys_authority` (
`id` bigint(20) not null auto_increment comment '主键',
`data_url` varchar(100) not null comment '连接路径或方法',
`menu_class` varchar(50) not null comment '菜单样式',
`menu_code` varchar(50) not null comment '菜单编码',
`menu_name` varchar(50) not null comment '菜单名称',
`parent_menucode` varchar(50) default null comment '上级菜单编码',
`sequence` bigint(20) default '0' comment '排序',
`menu_type` varchar(2) default '1' comment '菜单类型(1是左导航菜单 2是按钮权限)',
`create_time` varchar(30) not null comment '创建时间',
primary key (`id`),
unique key `uk_sys_authority_menu_code` (`menu_code`)
) engine=innodb default charset=utf8 comment='菜单表';
-- ----------------------------
-- records of sys_authority
-- ----------------------------
-- ----------------------------
-- table structure for sys_department
-- ----------------------------
drop table if exists `sys_department`;
create table `sys_department` (
`id` bigint(20) not null auto_increment comment '主键',
`department_key` varchar(20) not null comment '部门编码',
`department_value` varchar(40) not null comment '部门名称',
`description` varchar(200) default null comment '描述',
`parent_departmentkey` varchar(20) default null comment '上级部门编码',
`create_time` varchar(30) default null comment '创建时间',
primary key (`id`),
unique key `uk_sys_department_department_key` (`department_key`)
) engine=innodb default charset=utf8 comment='部门表';
-- ----------------------------
-- records of sys_department
-- ----------------------------
-- ----------------------------
-- table structure for sys_role
-- ----------------------------
drop table if exists `sys_role`;
create table `sys_role` (
`role_id` int(11) not null auto_increment comment '主键',
`role_key` varchar(30) default null comment '角色编码',
`create_time` varchar(30) default null comment '创建时间',
`description` varchar(200) default null comment '描述',
`role_value` varchar(40) not null comment '角色名称',
`company_id` bigint(20) default null,
primary key (`role_id`)
) engine=innodb auto_increment=3 default charset=utf8 comment='角色表';
-- ----------------------------
-- records of sys_role
-- ----------------------------
insert into `sys_role` values ('1', 'role_user', null, null, '', null);
insert into `sys_role` values ('2', 'role_admin', null, null, '', null);
-- ----------------------------
-- table structure for sys_role_authority
-- ----------------------------
drop table if exists `sys_role_authority`;
create table `sys_role_authority` (
`id` bigint(20) not null auto_increment comment '主键编号自增长',
`menu_code` varchar(50) not null comment '菜单编码',
`role_key` varchar(40) not null comment '角色编码',
`menu_type` int(11) default null comment '菜单类型 1 导航 2 按钮',
primary key (`id`)
) engine=innodb default charset=utf8 comment='角色菜单表';
-- ----------------------------
-- records of sys_role_authority
-- ----------------------------
-- ----------------------------
-- table structure for sys_role_permission
-- ----------------------------
drop table if exists `sys_role_permission`;
create table `sys_role_permission` (
`role_id` int(11) not null comment '角色主键编号',
`permissions` varchar(1000) default null comment '按钮权限',
key `fk9q28ewrhntqeipl1t04kh1be7` (`role_id`),
constraint `fk9q28ewrhntqeipl1t04kh1be7` foreign key (`role_id`) references `sys_role` (`role_id`),
constraint `fk_sys_role_permission_role_id` foreign key (`role_id`) references `sys_role` (`role_id`)
) engine=innodb default charset=utf8 comment='角色按钮权限表';
-- ----------------------------
-- records of sys_role_permission
-- ----------------------------
-- ----------------------------
-- table structure for sys_user
-- ----------------------------
drop table if exists `sys_user`;
create table `sys_user` (
`user_id` bigint(20) not null auto_increment comment '主键',
`login_account` varchar(30) not null comment '登录账号',
`login_pass` varchar(65) not null comment '登录密码',
`user_name` varchar(20) default null comment '昵称',
`user_head` varchar(30) default null comment '头像',
`user_phone` varchar(20) default null comment '手机',
`user_email` varchar(30) default null comment '邮箱',
`user_sex` int(11) default null comment '性别',
`user_birthday` varchar(30) default null comment '生日',
`register_time` varchar(30) not null comment '注册时间',
`department_key` varchar(20) default null comment '部门编码',
primary key (`user_id`),
unique key `uk_sys_user_login_account` (`login_account`)
) engine=innodb auto_increment=5 default charset=utf8 comment='用户表';
-- ----------------------------
-- records of sys_user
-- ----------------------------
insert into `sys_user` values ('2', 'hzw2312', '63cbbfefc6a5f389ea64299134e989a9a378d1293cad8b5623331bf5d0e023a9', null, null, null, 'hzw2312@sina.com', null, null, '2017-01-18 14:39:23', null);
insert into `sys_user` values ('3', 'hzw2312f', '63cbbfefc6a5f389ea64299134e989a9a378d1293cad8b5623331bf5d0e023a9', null, null, null, 'hzw23d12@sina.com', null, null, '2017-01-18 15:25:08', null);
insert into `sys_user` values ('4', 'hhsykx', '63cbbfefc6a5f389ea64299134e989a9a378d1293cad8b5623331bf5d0e023a9', null, null, null, 'hhs2312@sina.com', null, null, '2017-01-18 15:25:47', null);
-- ----------------------------
-- table structure for sys_user_role
-- ----------------------------
drop table if exists `sys_user_role`;
create table `sys_user_role` (
`user_id` bigint(20) not null comment '用户编号',
`role_id` int(20) not null comment '角色编号',
primary key (`user_id`,`role_id`),
key `fkhh52n8vd4ny9ff4x9fb8v65qx` (`role_id`),
constraint `fkb40xxfch70f5qnyfw8yme1n1s` foreign key (`user_id`) references `sys_user` (`user_id`),
constraint `fkhh52n8vd4ny9ff4x9fb8v65qx` foreign key (`role_id`) references `sys_role` (`role_id`),
constraint `fk_sys_user_role_role_id` foreign key (`role_id`) references `sys_role` (`role_id`),
constraint `fk_sys_user_role_user_id` foreign key (`user_id`) references `sys_user` (`user_id`)
) engine=innodb default charset=utf8 comment='用户角色映射表';
-- ----------------------------
-- records of sys_user_role
-- ----------------------------
insert into `sys_user_role` values ('3', '1');
insert into `sys_user_role` values ('4', '1');
insert into `sys_user_role` values ('2', '2');
下面我们开始根据之前的框架集成shiro
首先在pom.xml添加shiro的支持,先在properties中声明一下要倒入的版本:
<properties> <shiro.version>1.3.2</shiro.version> <commons-logging.version>1.2</commons-logging.version> </properties>
然后在是dependency的添加:
<!-- shiro权限 -->
<dependency>
<groupid>org.apache.shiro</groupid>
<artifactid>shiro-all</artifactid>
<version>${shiro.version}</version>
</dependency>
<!-- commons-logging -->
<dependency>
<groupid>commons-logging</groupid>
<artifactid>commons-logging</artifactid>
<version>${commons-logging.version}</version>
</dependency>
下面是shiro的配置跟spring配置放在同级目录spring-shiro.xml:
<?xml version="1.0" encoding="utf-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"
xsi:schemalocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">
<!-- 缓存管理器 使用ehcache实现 -->
<bean id="cachemanager" class="org.apache.shiro.cache.ehcache.ehcachemanager">
<property name="cachemanagerconfigfile" value="classpath:ehcache-shiro.xml" />
</bean>
<bean id="securitymanager" class="org.apache.shiro.web.mgt.defaultwebsecuritymanager">
<!--认证管理器-->
<property name="realm" ref="shirosecurityrealm" />
<!-- 缓存管理器 -->
<property name="cachemanager" ref="cachemanager" />
<!-- rememberme管理器 -->
<property name="remembermemanager" ref="remembermemanager"/>
</bean>
<!-- 会话id生成器 -->
<bean id="sessionidgenerator" class="org.apache.shiro.session.mgt.eis.javauuidsessionidgenerator"/>
<!-- 会话cookie模板 -->
<bean id="sessionidcookie" class="org.apache.shiro.web.servlet.simplecookie">
<constructor-arg value="sid"/>
<property name="httponly" value="true"/>
<property name="maxage" value="-1"/>
</bean>
<bean id="remembermecookie" class="org.apache.shiro.web.servlet.simplecookie">
<constructor-arg value="rememberme"/>
<property name="httponly" value="true"/>
<property name="maxage" value="2592000"/><!-- 30天 -->
</bean>
<!-- rememberme管理器 -->
<bean id="remembermemanager"
class="org.apache.shiro.web.mgt.cookieremembermemanager">
<property name="cipherkey" value="#{t(org.apache.shiro.codec.base64).decode('7gzyfkjtaskdsai43ds==')}"/>
<property name="cookie" ref="remembermecookie"/>
</bean>
<!-- 会话dao -->
<bean id="sessiondao" class="org.apache.shiro.session.mgt.eis.enterprisecachesessiondao">
<property name="activesessionscachename" value="shiro-activesessioncache"/>
<property name="sessionidgenerator" ref="sessionidgenerator"/>
</bean>
<!-- 会话验证调度器 -->
<bean id="sessionvalidationscheduler" class="org.apache.shiro.session.mgt.quartz.quartzsessionvalidationscheduler">
<property name="sessionvalidationinterval" value="3000000"/>
<property name="sessionmanager" ref="sessionmanager"/>
</bean>
<!-- 会话管理器 -->
<bean id="sessionmanager" class="org.apache.shiro.web.session.mgt.defaultwebsessionmanager">
<property name="globalsessiontimeout" value="3000000"/>
<property name="deleteinvalidsessions" value="true"/>
<property name="sessionvalidationschedulerenabled" value="true"/>
<property name="sessionvalidationscheduler" ref="sessionvalidationscheduler"/>
<property name="sessiondao" ref="sessiondao"/>
<property name="sessionidcookieenabled" value="true"/>
<property name="sessionidcookie" ref="sessionidcookie"/>
</bean>
<bean id="formauthenticationfilter" class="org.apache.shiro.web.filter.authc.formauthenticationfilter">
<property name="remembermeparam" value="rememberme"/>
</bean>
<bean id="sysuserfilter" class="yfkj.gz.task.security.sysuserfilter"/>
<bean id="shirofilter" class="org.apache.shiro.spring.web.shirofilterfactorybean">
<property name="securitymanager" ref="securitymanager"/>
<property name="loginurl" value="/login.jsp"/>
<property name="successurl" value="/page/main.action"/>
<property name="filters">
<util:map>
<entry key="authc">
<bean class="org.apache.shiro.web.filter.authc.passthruauthenticationfilter"/>
</entry>
<entry key="sysuser" value-ref="sysuserfilter"/>
</util:map>
</property>
<property name="filterchaindefinitions">
<value>
/static/** = anon
/login.jsp = anon
/sysuser/login.action = anon
/sysuser/register.action = anon
/sysuser/getemailcount.action = anon
/sysuser/getusernamecount.action = anon
/sysuser/logout.action = logout
/** = user,sysuser <!-- 表示访问该地址的用户是身份验证通过或rememberme登录的都可以 -->
<!-- /** = authc 表示访问该地址用户必须身份验证通过-->
</value>
</property>
</bean>
<!-- post processor that automatically invokes init() and destroy() methods -->
<bean id="lifecyclebeanpostprocessor" class="org.apache.shiro.spring.lifecyclebeanpostprocessor"/>
</beans>
上面的
/static/** = anon,/login.jsp = anon...这些等于anon的就是默认不做权限验证的,我们的登录,注册,静态资源等,不需要权限验证。
权限缓存的配置(如果不用缓存的话,每次请求都要去访问数据库查询权限)ehcache-shiro.xml:
<?xml version="1.0" encoding="utf-8"?>
<ehcache name="shirocache">
<diskstore path="java.io.tmpdir/yfkj-shiro-ehcache"/>
<!-- 默认缓存 -->
<defaultcache maxelementsinmemory="1000" eternal="false"
overflowtodisk="true" timetoidleseconds="300" timetoliveseconds="180"
diskpersistent="false" diskexpirythreadintervalseconds="120" />
<!-- 登录记录缓存 -->
<cache name="passwordretrycache"
maxentrieslocalheap="2000"
eternal="false"
timetoidleseconds="3600"
timetoliveseconds="0"
overflowtodisk="false"
statistics="true">
</cache>
<!-- 授权缓存 -->
<cache name="authorizationcache"
maxentrieslocalheap="2000"
eternal="false"
timetoidleseconds="3600"
timetoliveseconds="0"
overflowtodisk="false"
statistics="true">
</cache>
<!-- 认证缓存 -->
<cache name="authenticationcache"
maxentrieslocalheap="2000"
eternal="false"
timetoidleseconds="3600"
timetoliveseconds="0"
overflowtodisk="false"
statistics="true">
</cache>
<cache name="shiro-activesessioncache"
maxentrieslocalheap="2000"
eternal="false"
timetoidleseconds="3600"
timetoliveseconds="0"
overflowtodisk="false"
statistics="true">
</cache>
<cache name="shiro-kickout-session"
maxentrieslocalheap="2000"
eternal="false"
timetoidleseconds="3600"
timetoliveseconds="0"
overflowtodisk="false"
statistics="true">
</cache>
</ehcache>
自定义用户过滤类sysuserfilter:
import yfkj.gz.task.service.isysuserservice;
import org.apache.shiro.web.filter.pathmatchingfilter;
import javax.annotation.resource;
import javax.servlet.servletrequest;
import javax.servlet.servletresponse;
/**
* 自定义用户过滤器
* @author 胡汉三
*
*/
public class sysuserfilter extends pathmatchingfilter {
@resource
private isysuserservice sysuserservice;
@override
protected boolean onprehandle(servletrequest request, servletresponse response, object mappedvalue) throws exception {
//可以参考http://jinnianshilongnian.iteye.com/blog/2025656
return true;
}
}
权限认证类shirosecurityrealm:
import javax.annotation.resource;
import org.apache.shiro.authc.authenticationexception;
import org.apache.shiro.authc.authenticationinfo;
import org.apache.shiro.authc.authenticationtoken;
import org.apache.shiro.authc.simpleauthenticationinfo;
import org.apache.shiro.authc.usernamepasswordtoken;
import org.apache.shiro.authc.credential.sha256credentialsmatcher;
import org.apache.shiro.authz.authorizationinfo;
import org.apache.shiro.authz.simpleauthorizationinfo;
import org.apache.shiro.realm.authorizingrealm;
import org.apache.shiro.subject.principalcollection;
import org.springframework.stereotype.component;
import yfkj.gz.task.dao.isysuserdao;
import yfkj.gz.task.entity.sysrole;
import yfkj.gz.task.entity.sysuser;
import yfkj.gz.task.service.isysuserservice;
/**
* 权限认证
* @author 胡汉三
* @date 2017年1月19日 上午10:52:17
*/
@suppresswarnings("deprecation")
@component
public class shirosecurityrealm extends authorizingrealm {
@resource
private isysuserservice userservice;
@resource
private isysuserdao sysuserdao;
public shirosecurityrealm() {
setname("shirosecurityrealm"); // this name must match the name in the sysuser class's getprincipals() method
setcredentialsmatcher(new sha256credentialsmatcher());
}
/**
* 登录认证
*/
protected authenticationinfo dogetauthenticationinfo(authenticationtoken authctoken) throws authenticationexception {
usernamepasswordtoken token = (usernamepasswordtoken) authctoken;
sysuser user = userservice.getbyproerties(new string[]{"loginaccount"}, new string[]{token.getusername()},null);
if (user != null) {
return new simpleauthenticationinfo(user.getuserid(), user.getloginpass(), getname());
} else {
return null;
}
}
/**
* 权限认证
*/
protected authorizationinfo dogetauthorizationinfo(principalcollection principals) {
long userid = (long) principals.fromrealm(getname()).iterator().next();
sysuser user = userservice.get(userid);
if (user != null) {
simpleauthorizationinfo info = new simpleauthorizationinfo();
for (sysrole role : user.getroles()) {
info.addrole(role.getrolekey());
info.addstringpermissions(role.getpermissions());
}
return info;
} else {
return null;
}
}
}
在web.xml加入:
<!-- 加载spring配置文件 -->
<context-param>
<param-name>contextconfiglocation</param-name>
<param-value>classpath:spring.xml,classpath:spring-hibernate.xml,classpath:spring-shiro.xml</param-value>
</context-param>
<!-- shiro权限过滤器 -->
<filter>
<filter-name>shirofilter</filter-name>
<filter-class>org.springframework.web.filter.delegatingfilterproxy</filter-class>
<init-param>
<param-name>targetfilterlifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shirofilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
在登录方法中加上权限的登录(构造方法参数:登录账号,登录密码,记住我):
//存入session
subject subject = securityutils.getsubject();
//记得传入明文密码
subject.login(new usernamepasswordtoken(userinfo.getloginaccount(), user.getloginpass(), rememberme));
完整的登录方法:
[java] view plain copy 在code上查看代码片派生到我的代码片
/**
* 用户登录
* @param response
* @param user
* @throws ioexception
*/
@requestmapping(value = "/login", method = { requestmethod.post, requestmethod.get })
public void login(sysuser user,boolean rememberme) throws ioexception{
//用户登录
sysuser userinfo = userservice.getbyproerties(new string[]{"loginaccount"}, new string[]{user.getloginaccount()},null);
if(userinfo==null){
result.setmessage("用户名错误");
super.writejson(result);
return;
}
if(!userinfo.getloginpass().equals(new sha256hash(user.getloginpass()).tohex())){
result.setmessage("密码错误");
super.writejson(result);
return;
}
//存入session
subject subject = securityutils.getsubject();
//记得传入明文密码
subject.login(new usernamepasswordtoken(userinfo.getloginaccount(), user.getloginpass(), rememberme));
session.setattribute(user_session, userinfo);
result.setmessage("登录成功");
result.setsuccess(true);
super.writejson(result);
}
数据库也设计好啦,该整合的也整合了,怎么来实现呢,这里先说一点点,详细的等下一篇说:
jsp页面引入page指令:
<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %>
在要做验证的按钮上加上shiro标签的判断:
<shiro:haspermission name="${role_key}:role:role_add">
<button id="btn_add" type="button" class="btn btn-default">
<span class="glyphicon glyphicon-plus" aria-hidden="true"></span>新增
</button>
</shiro:haspermission>
${role_key}:role:role_add的意思就是:
${role_key}角色
role是指菜单(页面)
role_add指的功能
联合起来就是,当前角色在role菜单(页面)中有没有role_add新增的功能,如果有就会显示,没有就不显示这个按钮啦。
在后台方法中验证:
在对应的方法中加入代码:
subject subject = securityutils.getsubject(); subject.checkpermission(getcurrentrolekey()+":role:role_add");
如果没有通过checkpermission,则会直接返回错误,不执行下面的代码啦。
实体base类baseentity:
import java.io.serializable;
import java.util.linkedhashmap;
import java.util.map;
/**
* 实体父类
* @author 胡汉三
* @date 2017年1月18日 上午11:03:11
*/
public class baseentity implements serializable{
/**
*
*/
private static final long serialversionuid = 3730369554400423966l;
/**
* 排序
*/
private map<string, string> sortedconditions = new linkedhashmap<string, string>();
public map<string, string> getsortedconditions() {
return sortedconditions;
}
public void setsortedconditions(map<string, string> sortedconditions) {
this.sortedconditions = sortedconditions;
}
}
用户实体sysuser:
import java.util.hashset;
import java.util.set;
import javax.persistence.column;
import javax.persistence.entity;
import javax.persistence.fetchtype;
import javax.persistence.generatedvalue;
import javax.persistence.id;
import javax.persistence.jointable;
import javax.persistence.joincolumn;
import javax.persistence.manytomany;
import javax.persistence.table;
import org.hibernate.annotations.cache;
import org.hibernate.annotations.cacheconcurrencystrategy;
import yfkj.gz.support.baseentity;
/**
* 用户的实体类
*/
@entity
@table(name = "sys_user")
public class sysuser extends baseentity{
/**
*
*/
private static final long serialversionuid = 2491111485758197830l;
/**主键**/
@id
@generatedvalue
@column(name = "user_id")
private long userid;
/**登录账号**/
@column(name = "login_account" ,length = 30 , unique = true )
private string loginaccount;
/**登录密码**/
@column(name = "login_pass" ,length = 65)
private string loginpass;
/**昵称**/
@column(name = "user_name" ,length = 20)
private string username;
/**头像**/
@column(name = "user_head" ,length = 30)
private string userhead;
/**手机**/
@column(name = "user_phone" ,length = 20)
private string userphone;
/**邮箱**/
@column(name = "user_email" ,length = 30)
private string useremail;
/**性别**/
@column(name = "user_sex")
private integer usersex;
/**生日**/
@column(name = "user_birthday" ,length = 30)
private string userbirthday;
/**注册时间**/
@column(name = "register_time" ,length = 30)
private string registertime;
/**部门编码**/
@column(name = "department_key" ,length = 20)
private string departmentkey;
/**用户角色**/
@manytomany(fetch = fetchtype.eager)
@jointable(name = "sys_user_role", joincolumns = { @joincolumn(name = "user_id") }, inversejoincolumns = { @joincolumn(name = "role_id") })
@cache(region = "all", usage = cacheconcurrencystrategy.read_write)
private set<sysrole> roles = new hashset<sysrole>();
/**get/set**/
/**主键**/
public long getuserid(){
return userid;
}
/**主键**/
public void setuserid(long userid){
this.userid= userid;
}
/**登录账号**/
public string getloginaccount(){
return loginaccount;
}
/**登录账号**/
public void setloginaccount(string loginaccount){
this.loginaccount= loginaccount;
}
/**登录密码**/
public string getloginpass(){
return loginpass;
}
/**登录密码**/
public void setloginpass(string loginpass){
this.loginpass= loginpass;
}
/**昵称**/
public string getusername(){
return username;
}
/**昵称**/
public void setusername(string username){
this.username= username;
}
/**头像**/
public string getuserhead(){
return userhead;
}
/**头像**/
public void setuserhead(string userhead){
this.userhead= userhead;
}
/**手机**/
public string getuserphone(){
return userphone;
}
/**手机**/
public void setuserphone(string userphone){
this.userphone= userphone;
}
/**邮箱**/
public string getuseremail(){
return useremail;
}
/**邮箱**/
public void setuseremail(string useremail){
this.useremail= useremail;
}
/**性别**/
public integer getusersex(){
return usersex;
}
/**性别**/
public void setusersex(integer usersex){
this.usersex= usersex;
}
/**生日**/
public string getuserbirthday(){
return userbirthday;
}
/**生日**/
public void setuserbirthday(string userbirthday){
this.userbirthday= userbirthday;
}
/**注册时间**/
public string getregistertime(){
return registertime;
}
/**注册时间**/
public void setregistertime(string registertime){
this.registertime= registertime;
}
public set<sysrole> getroles() {
return roles;
}
public void setroles(set<sysrole> roles) {
this.roles = roles;
}
}
角色实体sysrole:
import java.util.set;
import javax.persistence.column;
import javax.persistence.elementcollection;
import javax.persistence.entity;
import javax.persistence.generatedvalue;
import javax.persistence.id;
import javax.persistence.joincolumn;
import javax.persistence.jointable;
import javax.persistence.table;
import org.hibernate.annotations.cache;
import org.hibernate.annotations.cacheconcurrencystrategy;
import yfkj.gz.support.baseentity;
/**
* 角色的实体类
*/
@entity
@table(name = "sys_role")
@cache(region = "all", usage = cacheconcurrencystrategy.read_write)
public class sysrole extends baseentity{
// 各个字段的含义请查阅文档的数据库结构部分
private static final long serialversionuid = 6019103858711599150l;
@id
@generatedvalue
@column(name = "role_id")
private long roleid;
@column(name = "role_key", length = 40, nullable = false, unique = true)
private string rolekey;
@column(name = "role_value", length = 40, nullable = false)
private string rolevalue;
@column(name = "create_time", length = 30)
private string createtime;
@column(name = "description", length = 200)
private string description;
@elementcollection
@jointable(name = "sys_role_permission", joincolumns = { @joincolumn(name = "role_id") })
@cache(region = "all", usage = cacheconcurrencystrategy.read_write)
private set<string> permissions;
@column(name="company_id")
private long companyid;
public sysrole() {
}
public long getroleid() {
return roleid;
}
public void setroleid(long roleid) {
this.roleid = roleid;
}
public string getrolekey() {
return rolekey;
}
public void setrolekey(string rolekey) {
this.rolekey = rolekey;
}
public string getrolevalue() {
return rolevalue;
}
public void setrolevalue(string rolevalue) {
this.rolevalue = rolevalue;
}
public string getcreatetime() {
return createtime;
}
public void setcreatetime(string createtime) {
this.createtime = createtime;
}
public string getdescription() {
return description;
}
public void setdescription(string description) {
this.description = description;
}
public set<string> getpermissions() {
return permissions;
}
public void setpermissions(set<string> permissions) {
this.permissions = permissions;
}
public long getcompanyid() {
return companyid;
}
public void setcompanyid(long companyid) {
this.companyid = companyid;
}
}
项目结构图:
源码地址:
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。
推荐阅读
-
Spring Boot (十四): Spring Boot 整合 Shiro-登录认证和权限管理
-
jwt,spring security ,feign,zuul,eureka 前后端分离 整合 实现 简单 权限管理系统 与 用户认证的实现
-
shiro学习三(spring boot整合shiro读取数据库数据实现用户登录,权限认证)
-
thinkphp中的RBAC用户权限管理数据库设计的图文详解
-
Spring Boot (十四): Spring Boot 整合 Shiro-登录认证和权限管理
-
thinkphp中的RBAC用户权限管理数据库设计的图文详解
-
shiro学习三(spring boot整合shiro读取数据库数据实现用户登录,权限认证)