功能实现:在页面输入给定的用户名之一,可以显示当前用户的权限,也可以在页面更改该用户的权限,更新之后保存。像下面这样。
填写用户名提交:
显示用户AAA的权限:
修改权限(增加article3):
点击Update之后,权限更新,下次访问,输入用户名AAA提交后显示:
提交用户名,显示用户权限和修改用户权限页面:authority-manager.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'authority-manager.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<center>
<br><br>
<form action="AuthorityServlet?method=getAuthorities" method="post">
name:<input type="text" name="username"/>
<input type="submit" value="Submit"/>
</form>
<c:if test="${requestScope.user!=null }">
<br><br>
${requestScope.user.username}的权限是:
<br><br>
<form action="AuthorityServlet?method=updateAuthorities" method="post">
<input type="hidden" name="username" value="${requestScope.user.username}"/>
<br><br>
<!-- 两个循环:外层循环先将权限都列出来,内层循环用于将对应用户的对应权限 -->
<c:forEach items="${authorities}" var="auth">
<c:set var="flag" value="false"></c:set>
<c:forEach items="${user.authorities}" var="ua">
<c:if test="${ua.url==auth.url }">
<c:set var="flag" value="true"></c:set>
</c:if>
</c:forEach>
<c:if test="${flag==true}">
<input type="checkbox" name="authority" value="${auth.url}" checked="checked"/>${auth.displayname}
</c:if>
<c:if test="${flag==false}">
<input type="checkbox" name="authority" value="${auth.url}" />${auth.displayname}
</c:if>
<br><br>
</c:forEach>
<input type="submit" value="Update">
</form>
</c:if>
</center>
</body>
</html>
Servlet实现类,AuthorityServlet.java
package javaweb.com.anthorityManage;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class AuthorityServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//authority-manager.jsp中的method参数-->getAuthorities
String methodName=request.getParameter("method");
try {
//getClass-->Class型对象,获得权限为public的内部类(即为public class AuthorityServlet)
//getMethod返回Method类型的对象,每个Method类型的对象代表一个方法
//getMethod(String方法名称,入口参数类型1.class,入口参数类型2.class)-->访问指定名称和参数类型的方法
Method method=getClass().getMethod(methodName, HttpServletRequest.class,HttpServletResponse.class);
//invoke(Object obj,Object...args)-->利用指定参数args执行指定对象obj中的该方法,返回值为Object型
//利用指定参数request,response执行method方法
method.invoke(this, request,response);
} catch (NoSuchMethodException | SecurityException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
} catch (IllegalArgumentException e) {
e.printStackTrace();
} catch (InvocationTargetException e) {
e.printStackTrace();
}
}
private UserDao userDao=new UserDao();
public void getAuthorities(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException{
//从请求参数中获取用户名
String username=request.getParameter("username");
//从userDao中获取用户名(带有用户的权限信息)
User user=userDao.get(username);
//将userDao中获得的用户名传递给request请求
request.setAttribute("user",user);
//userDao中获取的权限信息添加到request中
request.setAttribute("authorities", userDao.getAuthorities());
//按照用户名转发到相应的权限管理页面
request.getRequestDispatcher("/jspTest/authority-manager.jsp").forward(request, response);
}
public void updateAuthorities(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException{
//从请求域获得用户名和相应的多个权限
String username=request.getParameter("username");
//从客户端request域获得的权限
String[] authorities=request.getParameterValues("authority");
List<Authority> authorityList=userDao.getAuthorities(authorities);
userDao.update(username, authorityList);
//request.getContextPath()-->返回站点的根路径
response.sendRedirect(request.getContextPath()+"/jspTest/authority-manager.jsp");
}
}
UserDao类执行具体的事务操作,UserDao.java
package javaweb.com.anthorityManage;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
//UserDao类执行具体的事务操作
public class UserDao {
private static Map<String,User> users;
private static List<Authority> authorities;
static{
authorities=new ArrayList<>();
authorities.add(new Authority("article-1","/jspTest/1.jsp"));
authorities.add(new Authority("article-2","/jspTest/2.jsp"));
authorities.add(new Authority("article-3","/jspTest/3.jsp"));
authorities.add(new Authority("article-4","/jspTest/4.jsp"));
users=new HashMap<String,User>();
User user1=new User("AAA",authorities.subList(0,2));
users.put("AAA",user1);
User user2=new User("BBB",authorities.subList(2,4));
users.put("BBB",user2);
}
//相当于String m1(){} 获得users中的用户姓名
User get(String username){
return users.get(username);
}
//更新用户的权限
void update(String username,List<Authority> authorities){
users.get(username).setAuthorities(authorities);
}
public List<Authority> getAuthorities(){
return authorities;
}
public List<Authority> getAuthorities(String[] urls){
List<Authority> authorities2=new ArrayList<>();
for(Authority authority:authorities){
if(urls!=null){
for(String url:urls){
//遍历比较,如果url(请求域的)==权限中存储的url,则将请求域的权限添加到authorities2中成为某个用户名的权限
if(url.equals(authority.getUrl())){
authorities2.add(authority);
}
}
}
}
return authorities2;
}
}
Authority.java
package javaweb.com.anthorityManage;
public class Authority {
private String displayname;
private String url;
public String getDisplayname() {
return displayname;
}
public void setDisplayname(String displayname) {
this.displayname = displayname;
}
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public Authority(String displayname, String url) {
super();
this.displayname = displayname;
this.url = url;
}
public Authority(){}
}
User.java
package javaweb.com.anthorityManage;
import java.util.List;
public class User {
private String username;
private List<Authority> authorities;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public List<Authority> getAuthorities() {
return authorities;
}
public void setAuthorities(List<Authority> authorities) {
this.authorities = authorities;
}
public User(String username, List<Authority> authorities) {
super();
this.username = username;
this.authorities = authorities;
}
public User(){}
}