欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

ssm建立过滤器,实现过用户批量删除还有角色权限管理

程序员文章站 2024-03-04 12:39:11
...

1.过滤器

过滤器是用来判断用户的权限, 这是spring的aop的一个方法,所以需要建立一个过滤器,原理就是根据session,来判断用户是否有权限,是否应该跳转到登录界面。

//LoginFilter.java
public class LoginFilter implements Filter {


    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse)servletResponse;
        HttpSession session = request.getSession();
        //获取session中的user信息
        User user = (User) session.getAttribute("user");
        String uri = request.getRequestURI();
        System.out.println();
        //如果没有用户信息并且不是登录界面的跳转
        if(user==null && uri.indexOf("login.do")==-1){
            response.sendRedirect(request.getContextPath()+"../login.jsp");
        }else{
            filterChain.doFilter(request,response);
        }
    }

    @Override
    public void destroy() {

    }
}

 

  <filter>
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.huxiaoheng.filter.LoginFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>*.do</url-pattern>
  </filter-mapping>

2.controller层

用来获取请求,调用service处理逻辑

    @RequestMapping("/deleteAll.do")
    public String deleteAll(String userList){
        String[] str = userList.split(",");
        List<Integer> ids = new ArrayList<>();
        for (String s:str){
            ids.add(Integer.parseInt(s));
        }
        userService.deleteAll(ids);
        return "redirect:findAll.do";
    }
	@RequestMapping("/toAddRole.do")
    public ModelAndView toAddRole(int id){
        List<Role> roleList = roleService.findRoleByUserId(id);
        ModelAndView mv = new ModelAndView();
        mv.addObject("roles",roleList);
        mv.addObject("id",id);
        mv.setViewName("user-role-add");
        return mv;
    }

    @RequestMapping("/addRole.do")
    @ResponseBody
    public String add(String roleList,String userId){
        String[] strs = roleList.split(",");
        List<Integer> ids = new ArrayList<>();
        for(String s:strs){
            ids.add(Integer.parseInt(s));
        }
        roleService.add(ids,userId);
        return "";
    }

3.service层的写法

public interface UserService {
    int login(String username,String password);

    PageInfo<User> findAll(int currentPage,String username);

    void add(User user);

    void deleteByID(int id);

    User selectByID(int id);

    void update(User user);

    void deleteAll(@Param("ids")List<Integer> ids);
}
	@Override
    public void deleteAll(List<Integer> ids) {
        userDao.deleteAll(ids);
    }

4.mapper层的写法

public interface UserDao {

    User findByUserName(String username);
    List<User> findAll(@Param("start") int start,@Param("username") String username);

    void add(User user);

    void deleteByID(int id);

    User selectByID(int id);

    void update(User user);

    int getTotalCount(@Param("username")String username);

    void deleteAll(@Param("ids")List<Integer> ids);
}
<delete id="deleteAll">
        delete from user where id in 
        <foreach collection="ids" item="id" open="(" close=")" separator=",">
            #{id}
        </foreach>
</delete>

5.dao层

public interface RoleDao {

    List<Integer> findRoleIdByUserId(int userId);

    List<Role> findRoleByUserId(int id);

    void addRole(UserRole userRole);

}
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.huxiaoheng.dao.RoleDao" >
    
    <select id="findRoleIdByUserId" parameterType="int" resultType="int">
        select roleId from user_role where userId=#{userId}
    </select>

    <select id="findRoleByUserId" parameterType="int" resultType="Role">
        select * from role where id not in (select roleId from user_role where userId=#{id})
    </select>

    <insert id="addRole" parameterType="UserRole">
        insert into user_role (userId,roleId) values (#{userId},#{roleId})
    </insert>

</mapper>

6.运行结果
ssm建立过滤器,实现过用户批量删除还有角色权限管理

ssm建立过滤器,实现过用户批量删除还有角色权限管理

ssm建立过滤器,实现过用户批量删除还有角色权限管理