ssm建立过滤器,实现过用户批量删除还有角色权限管理
程序员文章站
2024-03-04 12:39:11
...
1.过滤器
过滤器是用来判断用户的权限, 这是spring的aop的一个方法,所以需要建立一个过滤器,原理就是根据session,来判断用户是否有权限,是否应该跳转到登录界面。
//LoginFilter.java
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
HttpSession session = request.getSession();
//获取session中的user信息
User user = (User) session.getAttribute("user");
String uri = request.getRequestURI();
System.out.println();
//如果没有用户信息并且不是登录界面的跳转
if(user==null && uri.indexOf("login.do")==-1){
response.sendRedirect(request.getContextPath()+"../login.jsp");
}else{
filterChain.doFilter(request,response);
}
}
@Override
public void destroy() {
}
}
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.huxiaoheng.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
2.controller层
用来获取请求,调用service处理逻辑
@RequestMapping("/deleteAll.do")
public String deleteAll(String userList){
String[] str = userList.split(",");
List<Integer> ids = new ArrayList<>();
for (String s:str){
ids.add(Integer.parseInt(s));
}
userService.deleteAll(ids);
return "redirect:findAll.do";
}
@RequestMapping("/toAddRole.do")
public ModelAndView toAddRole(int id){
List<Role> roleList = roleService.findRoleByUserId(id);
ModelAndView mv = new ModelAndView();
mv.addObject("roles",roleList);
mv.addObject("id",id);
mv.setViewName("user-role-add");
return mv;
}
@RequestMapping("/addRole.do")
@ResponseBody
public String add(String roleList,String userId){
String[] strs = roleList.split(",");
List<Integer> ids = new ArrayList<>();
for(String s:strs){
ids.add(Integer.parseInt(s));
}
roleService.add(ids,userId);
return "";
}
3.service层的写法
public interface UserService {
int login(String username,String password);
PageInfo<User> findAll(int currentPage,String username);
void add(User user);
void deleteByID(int id);
User selectByID(int id);
void update(User user);
void deleteAll(@Param("ids")List<Integer> ids);
}
@Override
public void deleteAll(List<Integer> ids) {
userDao.deleteAll(ids);
}
4.mapper层的写法
public interface UserDao {
User findByUserName(String username);
List<User> findAll(@Param("start") int start,@Param("username") String username);
void add(User user);
void deleteByID(int id);
User selectByID(int id);
void update(User user);
int getTotalCount(@Param("username")String username);
void deleteAll(@Param("ids")List<Integer> ids);
}
<delete id="deleteAll">
delete from user where id in
<foreach collection="ids" item="id" open="(" close=")" separator=",">
#{id}
</foreach>
</delete>
5.dao层
public interface RoleDao {
List<Integer> findRoleIdByUserId(int userId);
List<Role> findRoleByUserId(int id);
void addRole(UserRole userRole);
}
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.huxiaoheng.dao.RoleDao" >
<select id="findRoleIdByUserId" parameterType="int" resultType="int">
select roleId from user_role where userId=#{userId}
</select>
<select id="findRoleByUserId" parameterType="int" resultType="Role">
select * from role where id not in (select roleId from user_role where userId=#{id})
</select>
<insert id="addRole" parameterType="UserRole">
insert into user_role (userId,roleId) values (#{userId},#{roleId})
</insert>
</mapper>
6.运行结果
下一篇: ssm过滤器+用户批量删除+角色权限管理