权限菜单的显示
MVC框架:struts2 + spring + hibernate
实现功能:后台管理系统中,每个登录的用户,有多个不同的角色,而每个角色都有不同的权限,针对每个用户所拥有的权限列表,根据其中菜单权限的等级进行划分归类,显示在操作菜单栏中。
菜单结构如下:
权限表设计如下:
涉及的实体有部门、用户、角色及权限 ,部门-用户 是一对多关系,用户-角色是多对多关系,角色-权限也是多对多关系。在权限表中,权限等级取值可以是 1 、2、3,分别代表一级菜单、二级菜单、三级菜单,父级权限编号可以找到父级权限 ,一级菜单的父级权限默认是0,通过查询这个字段也可以找出某个菜单的子一级菜单列表。
通过这样的设计,就可以在用户登录后,获取用户拥有的所有角色,再根据每个角色拥有的权限进行汇总筛选,去除掉角色之间可能重复的权限,组合成分层次的权限结构,最后返回到页面中,根据权限等级划分层次显示即可。
以下是实体类的代码:
import java.util.List;
import javax.persistence.*;
import org.hibernate.annotations.GenericGenerator;
import com.ylzinfo.psBusiness.app.entity.power.JGInfo;
import com.ylzinfo.psBusiness.app.entity.power.Role;
@Entity
@Table(name="SYS_USER")
public class User {
private String userid; // 用户ID(关键字)
private String username; // 用户名(用户登录时的用户名 请确保登录名唯一)
private String passwd; // 密码
private String realname; // 真实姓名
private String createtime; // 注册时间
private String lastlogontime;// 上次登陆时间
private String lockstate; // 账户锁定状态:0正常,1账户停用
private String loginedcount; // 已登陆次数
private String remark; // 备注
private JGInfo baz001;//所属部门
private String email;//邮箱地址
private String reset_pw;//重置密码验证码(格式:验证码_有效时间)
private List<Role> roles;//角色列表
public User() {
super();
}
@Id
@GeneratedValue(generator = "paymentableGenerator")
@GenericGenerator(name = "paymentableGenerator", strategy = "uuid")
public String getUserid() {
return userid;
}
public void setUserid(String userid) {
this.userid = userid;
}
@Column(name="username")
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
@Column(name="passwd")
public String getPasswd() {
return passwd;
}
public void setPasswd(String passwd) {
this.passwd = passwd;
}
@Column(name="realname")
public String getRealname() {
return realname;
}
public void setRealname(String realname) {
this.realname = realname;
}
@Column(name="createtime")
public String getCreatetime() {
return createtime;
}
public void setCreatetime(String createtime) {
this.createtime = createtime;
}
@Column(name="lastlogontime")
public String getLastlogontime() {
return lastlogontime;
}
public void setLastlogontime(String lastlogontime) {
this.lastlogontime = lastlogontime;
}
@Column(name="lockstate")
public String getLockstate() {
return lockstate;
}
public void setLockstate(String lockstate) {
this.lockstate = lockstate;
}
@Column(name="loginedcount")
public String getLoginedcount() {
return loginedcount;
}
public void setLoginedcount(String loginedcount) {
this.loginedcount = loginedcount;
}
@Column(name="remark")
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
@Column(name="email")
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
@Column(name="reset_pw")
public String getReset_pw() {
return reset_pw;
}
public void setReset_pw(String resetPw) {
reset_pw = resetPw;
}
@ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "baz001")
public JGInfo getBaz001() {
return baz001;
}
public void setBaz001(JGInfo baz001) {
this.baz001 = baz001;
}
@ManyToMany(targetEntity = Role.class, fetch = FetchType.LAZY)
@JoinTable(name = "USER_ROLE", joinColumns = @JoinColumn(name = "USER_ID"), inverseJoinColumns = @JoinColumn(name = "ROLE_ID"))
public List<Role> getRoles() {
return roles;
}
public void setRoles(List<Role> roles) {
this.roles = roles;
}
}
import java.io.Serializable;
import java.util.Date;
import java.util.List;
import javax.persistence.*;
import org.hibernate.annotations.GenericGenerator;
@Entity
@Table(name="SYS_ROLE")
public class Role implements Serializable{
/**
*
*/
private static final long serialVersionUID = 1L;
private String role_id;//角色ID
private String role_name;//角色名称
private Date cre_time;//创建时间
private String parent_id;//父级角色ID
private String describe;//描述
private int sort;//排序序号
private List<Right> rights;//角色的权限列表
@Id
@GeneratedValue(generator = "paymentableGenerator")
@GenericGenerator(name = "paymentableGenerator", strategy = "uuid")
public String getRole_id() {
return role_id;
}
public void setRole_id(String roleId) {
role_id = roleId;
}
@Column(name="role_name")
public String getRole_name() {
return role_name;
}
public void setRole_name(String roleName) {
role_name = roleName;
}
@Column(name="cre_time")
public Date getCre_time() {
return cre_time;
}
public void setCre_time(Date creTime) {
cre_time = creTime;
}
@Column(name="parent_id")
public String getParent_id() {
return parent_id;
}
public void setParent_id(String parentId) {
parent_id = parentId;
}
@Column(name="describe")
public String getDescribe() {
return describe;
}
public void setDescribe(String describe) {
this.describe = describe;
}
@Column(name="sort")
public int getSort() {
return sort;
}
public void setSort(int sort) {
this.sort = sort;
}
@ManyToMany(targetEntity = Right.class, fetch = FetchType.LAZY)
@JoinTable(name = "ROLE_RIGHT", joinColumns = @JoinColumn(name = "ROLE_ID"), inverseJoinColumns = @JoinColumn(name = "RIGHT_ID"))
public List<Right> getRights() {
return rights;
}
public void setRights(List<Right> rights) {
this.rights = rights;
}
@Override
public String toString() {
return "Role [cre_time=" + cre_time + ", describe=" + describe
+ ", parent_id=" + parent_id + ", role_id=" + role_id
+ ", role_name=" + role_name + ", sort=" + sort + "]";
}
@Override
public boolean equals(Object obj) {
// TODO Auto-generated method stub
if(obj.getClass() == this.getClass())
{
if(this.getRole_id().equals(((Role)obj).getRole_id()))
return true;
else
return false;
}
return super.equals(obj);
}
}
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.Table;
import javax.persistence.Transient;
import org.hibernate.annotations.GenericGenerator;
@Entity
@Table(name="SYS_RIGHTS")
public class Right implements Serializable{
/**
*
*/
private static final long serialVersionUID = 1L;
private String right_id;//权限ID
private String right_name;//权限名称
private String url;//权限URL
private String resource_path;//权限图片显示资源路径(可选)
private String parent_id;//父级权限ID
private String describe;//描述
private int lev;//权限等级
private Integer sort; //排序序号
private List<Right> rights;
public Right(){
rights = new ArrayList();
}
@Id
@GeneratedValue(generator = "paymentableGenerator")
@GenericGenerator(name = "paymentableGenerator", strategy = "uuid")
public String getRight_id() {
return right_id;
}
public void setRight_id(String rightId) {
right_id = rightId;
}
@Column(name="right_name")
public String getRight_name() {
return right_name;
}
public void setRight_name(String rightName) {
right_name = rightName;
}
@Column(name="url")
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
@Column(name="resource_path")
public String getResource_path() {
return resource_path;
}
public void setResource_path(String resourcePath) {
resource_path = resourcePath;
}
@Column(name="parent_id")
public String getParent_id() {
return parent_id;
}
public void setParent_id(String parentId) {
parent_id = parentId;
}
@Column(name="describe")
public String getDescribe() {
return describe;
}
public void setDescribe(String describe) {
this.describe = describe;
}
@Column(name="lev")
public int getLev() {
return lev;
}
public void setLev(int lev) {
this.lev = lev;
}
//@Transient表示该属性并非一个到数据库表的字段的映射,ORM框架将忽略该属性
@Transient
public List<Right> getRights() {
return rights;
}
public void setRights(List<Right> rights) {
this.rights = rights;
}
@Column(name="sort")
public Integer getSort() {
return sort;
}
public void setSort(Integer sort) {
this.sort = sort;
}
@Override
public String toString() {
return "Right [describe=" + describe + ", lev=" + lev + ", parent_id="
+ parent_id + ", resource_path=" + resource_path
+ ", right_id=" + right_id + ", right_name=" + right_name
+ ", url=" + url + "]";
}
public boolean equals(Right obj) {
// TODO Auto-generated method stub
if(this.right_id.equals(obj.getRight_id()))
return true;
else
return false;
}
}
最后是系统确认用户名及密码正确后,需要执行的操作,即加载及筛选合适的权限列表的核心算法。
public void initPower(){
//初始化一级菜单
List<Role> rlist = user.getRoles(); //获取用户的所有角色
List<Right> rightList = new ArrayList();//初始化返回到页面的权限List
//遍历每一个角色,并获取每个角色拥有的一级菜单保存到权限列表中
for(Role role : rlist){
List<Right> rights = role.getRights();
for(Right rig : rights){
if(rig.getLev() == 1){
if(!rightList.contains(rig))
rightList.add(rig);
}
}
}
//初始化二级菜单
//同样遍历角色列表,拿出所有角色的二级子权限放入列表
for(Role role : rlist){
List<Right> rights = role.getRights();
for(Right rig : rights){
if(rig.getLev() == 2){
for(Right rig2 : rightList){
if(rig.getParent_id().equals(rig2.getRight_id())){
if(!rig2.getRights().contains(rig))
rig2.getRights().add(rig);
}
}
}
}
}
//初始化三级菜单
//再次遍历角色列表获取所有三级子权限放入到权限列表中
for(Role role : rlist){
List<Right> rights = role.getRights();
for(Right rig : rights){
if(rig.getLev() == 3){
for(Right rig2 : rightList){
for(Right rig3 : rig2.getRights()){
if(rig.getParent_id().equals(rig3.getRight_id())){
if(!rig3.getRights().contains(rig))
rig3.getRights().add(rig);
}
}
}
}
}
}
//根据Right类的sort字段将一级菜单列表由小到大进行排序
Collections.sort(rightList, new ComparatorRight());
for(Right right:rightList){
//对每个一级菜单的二级子菜单进行排序
Collections.sort(right.getRights(),new ComparatorRight());
for(Right right2:right.getRights()){
//对每个二级菜单的三级子菜单进行排序
Collections.sort(right2.getRights(),new ComparatorRight());
}
}
//将用户所拥有的菜单权限列表保存到Session中
request.getSession().setAttribute("rights", rightList);
}