快捷導(dǎo)航

Java實(shí)戰(zhàn)權(quán)限管理系統(tǒng)的實(shí)現(xiàn)流程

更新時(shí)間：2022年01月18日 17:11:48 作者：qq_1334611189

讀萬(wàn)卷書(shū)不如行萬(wàn)里路，只學(xué)書(shū)上的理論是遠(yuǎn)遠(yuǎn)不夠的，只有在實(shí)戰(zhàn)中才能獲得能力的提升，本篇文章手把手帶你用java+SpringBoot+MyBatis+AOP+LayUI+Mysql實(shí)現(xiàn)一個(gè)權(quán)限管理系統(tǒng),大家可以在過(guò)程中查缺補(bǔ)漏，提升水平

springboot+mybatis使用面向切面編程（AOP）實(shí)現(xiàn)的權(quán)限管理系統(tǒng)。共五個(gè)模塊，角色管理，菜單管理，實(shí)驗(yàn)室管理，學(xué)生管理，管理員管理。

角色管理分一個(gè)超級(jí)管理員，編輯權(quán)限。菜單管理顯示各個(gè)管理的鏈接和編輯。實(shí)驗(yàn)室管理有excel導(dǎo)入，簽到總?cè)藬?shù)。學(xué)生管理有excel導(dǎo)入。增刪改查在每個(gè)部分均能實(shí)現(xiàn)。

后臺(tái)角色管理控制器:

/**
 * 后臺(tái)角色管理控制器
 * @author yy
 *
 */
@RequestMapping("/admin/role")
@Controller
public class RoleController {
 
	
	private Logger log = LoggerFactory.getLogger(RoleController.class);
	
	@Autowired
	private MenuService menuService;
	
	@Autowired
	private OperaterLogService operaterLogService;
	
	@Autowired
	private RoleService roleService;
	
	/**
	 * 分頁(yè)搜索角色列表
	 * @param model
	 * @param role
	 * @param pageBean
	 * @return
	 */
	@RequestMapping(value="/list")
	public String list(Model model,Role role,PageBean<Role> pageBean){
		model.addAttribute("title", "角色列表");
		model.addAttribute("name", role.getName());
		model.addAttribute("pageBean", roleService.findByName(role, pageBean));
		return "admin/role/list";
	}
	
	/**
	 * 角色添加頁(yè)面
	 * @param model
	 * @return
	 */
	@RequestMapping(value="/add",method=RequestMethod.GET)
	public String add(Model model){
		List<Menu> findAll = menuService.findAll();
		model.addAttribute("topMenus",MenuUtil.getTopMenus(findAll));
		model.addAttribute("secondMenus",MenuUtil.getSecondMenus(findAll));
		model.addAttribute("thirdMenus",MenuUtil.getThirdMenus(findAll));
		return "admin/role/add";
	}
	
	/**
	 * 角色添加表單提交處理
	 * @param role
	 * @return
	 */
	@RequestMapping(value="/add",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> add(Role role){
		//用統(tǒng)一驗(yàn)證實(shí)體方法驗(yàn)證是否合法
		CodeMsg validate = ValidateEntityUtil.validate(role);
		if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
			return Result.error(validate);
		}
		if(roleService.save(role) == null){
			return Result.error(CodeMsg.ADMIN_ROLE_ADD_ERROR);
		}
		log.info("添加角色【"+role+"】");
		operaterLogService.add("添加角色【"+role.getName()+"】");
		return Result.success(true);
	}
	
	/**
	 * 角色編輯頁(yè)面
	 * @param id
	 * @param model
	 * @return
	 */
	@RequestMapping(value="/edit",method=RequestMethod.GET)
	public String edit(@RequestParam(name="id",required=true)Long id,Model model){
		List<Menu> findAll = menuService.findAll();
		model.addAttribute("topMenus",MenuUtil.getTopMenus(findAll));
		model.addAttribute("secondMenus",MenuUtil.getSecondMenus(findAll));
		model.addAttribute("thirdMenus",MenuUtil.getThirdMenus(findAll));
		Role role = roleService.find(id);
		model.addAttribute("role", role);
		model.addAttribute("authorities",JSONArray.toJSON(role.getAuthorities()).toString());
		return "admin/role/edit";
	}
	
	/**
	 * 角色修改表單提交處理
	 * @param request
	 * @param role
	 * @return
	 */
	@RequestMapping(value="/edit",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> edit(Role role){
		//用統(tǒng)一驗(yàn)證實(shí)體方法驗(yàn)證是否合法
		CodeMsg validate = ValidateEntityUtil.validate(role);
		if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
			return Result.error(validate);
		}
		Role existRole = roleService.find(role.getId());
		if(existRole == null){
			return Result.error(CodeMsg.ADMIN_ROLE_NO_EXIST);
		}
		existRole.setName(role.getName());
		existRole.setRemark(role.getRemark());
		existRole.setStatus(role.getStatus());
		existRole.setAuthorities(role.getAuthorities());
		if(roleService.save(existRole) == null){
			return Result.error(CodeMsg.ADMIN_ROLE_EDIT_ERROR);
		}
		log.info("編輯角色【"+role+"】");
		operaterLogService.add("編輯角色【"+role.getName()+"】");
		return Result.success(true);
	}
	
	/**
	 * 刪除角色
	 * @param request
	 * @param id
	 * @return
	 */
	@RequestMapping(value="delete",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> delete(@RequestParam(name="id",required=true)Long id){
		try {
			roleService.delete(id);
		} catch (Exception e) {
			// TODO: handle exception
			return Result.error(CodeMsg.ADMIN_ROLE_DELETE_ERROR);
		}
		log.info("編輯角色I(xiàn)D【"+id+"】");
		operaterLogService.add("刪除角色I(xiàn)D【"+id+"】");
		return Result.success(true);
	}
}

后臺(tái)用戶(hù)管理控制器:

/**
 * 后臺(tái)用戶(hù)管理控制器
 * @author yy
 *
 */
@RequestMapping("/admin/user")
@Controller
public class UserController {
 
	@Autowired
	private UserService userService;
	@Autowired
	private RoleService roleService;
	@Autowired
	private OperaterLogService operaterLogService;
	/**
	 * 用戶(hù)列表頁(yè)面
	 * @param model
	 * @param user
	 * @param pageBean
	 * @return
	 */
	@RequestMapping(value="/list")
	public String list(Model model,User user,PageBean<User> pageBean){
		model.addAttribute("title", "用戶(hù)列表");
		model.addAttribute("username", user.getUsername());
		model.addAttribute("pageBean", userService.findList(user, pageBean));
		return "admin/user/list";
	}
	
	/**
	 * 新增用戶(hù)頁(yè)面
	 * @param model
	 * @return
	 */
	@RequestMapping(value="/add",method=RequestMethod.GET)
	public String add(Model model){
		model.addAttribute("roles", roleService.findAll());
		return "admin/user/add";
	}
	
	/**
	 * 用戶(hù)添加表單提交處理
	 * @param user
	 * @return
	 */
	@RequestMapping(value="/add",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> add(User user){
		//用統(tǒng)一驗(yàn)證實(shí)體方法驗(yàn)證是否合法
		CodeMsg validate = ValidateEntityUtil.validate(user);
		if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
			return Result.error(validate);
		}
		if(user.getRole() == null || user.getRole().getId() == null){
			return Result.error(CodeMsg.ADMIN_USER_ROLE_EMPTY);
		}
		//判斷用戶(hù)名是否存在
		if(userService.isExistUsername(user.getUsername(), 0l)){
			return Result.error(CodeMsg.ADMIN_USERNAME_EXIST);
		}
		//到這說(shuō)明一切符合條件，進(jìn)行數(shù)據(jù)庫(kù)新增
		if(userService.save(user) == null){
			return Result.error(CodeMsg.ADMIN_USE_ADD_ERROR);
		}
		operaterLogService.add("添加用戶(hù)，用戶(hù)名：" + user.getUsername());
		return Result.success(true);
	}
	
	/**
	 * 用戶(hù)編輯頁(yè)面
	 * @param model
	 * @return
	 */
	@RequestMapping(value="/edit",method=RequestMethod.GET)
	public String edit(Model model,@RequestParam(name="id",required=true)Long id){
		model.addAttribute("roles", roleService.findAll());
		model.addAttribute("user", userService.find(id));
		return "admin/user/edit";
	}
	
	/**
	 * 編輯用戶(hù)信息表單提交處理
	 * @param user
	 * @return
	 */
	@RequestMapping(value="/edit",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> edit(User user){
		//用統(tǒng)一驗(yàn)證實(shí)體方法驗(yàn)證是否合法
		CodeMsg validate = ValidateEntityUtil.validate(user);
		if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
			return Result.error(validate);
		}
		if(user.getRole() == null || user.getRole().getId() == null){
			return Result.error(CodeMsg.ADMIN_USER_ROLE_EMPTY);
		}
		if(user.getId() == null || user.getId().longValue() <= 0){
			return Result.error(CodeMsg.ADMIN_USE_NO_EXIST);
		}
		if(userService.isExistUsername(user.getUsername(), user.getId())){
			return Result.error(CodeMsg.ADMIN_USERNAME_EXIST);
		}
		//到這說(shuō)明一切符合條件，進(jìn)行數(shù)據(jù)庫(kù)保存
		User findById = userService.find(user.getId());
		//講提交的用戶(hù)信息指定字段復(fù)制到已存在的user對(duì)象中,該方法會(huì)覆蓋新字段內(nèi)容
		BeanUtils.copyProperties(user, findById, "id","createTime","updateTime");
		if(userService.save(findById) == null){
			return Result.error(CodeMsg.ADMIN_USE_EDIT_ERROR);
		}
		operaterLogService.add("編輯用戶(hù)，用戶(hù)名：" + user.getUsername());
		return Result.success(true);
	}
	
	/**
	 * 刪除用戶(hù)
	 * @param id
	 * @return
	 */
	@RequestMapping(value="/delete",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> delete(@RequestParam(name="id",required=true)Long id){
		try {
			userService.delete(id);
		} catch (Exception e) {
			return Result.error(CodeMsg.ADMIN_USE_DELETE_ERROR);
		}
		operaterLogService.add("刪除用戶(hù)，用戶(hù)ID：" + id);
		return Result.success(true);
	}
}

系統(tǒng)控制器:

/**
 * 系統(tǒng)控制器
 * @author yy
 *
 */
@RequestMapping("/system")
@Controller
public class SystemController {
 
	
	
	@Autowired
	private OperaterLogService operaterLogService;
	
	@Autowired
	private UserService userService;
	
	@Autowired
	private DatabaseBakService databaseBakService;
 
	@Autowired
	private StaffService staffService;
	@Autowired
	private OrderAuthService orderAuthService;
 
	private Logger log = LoggerFactory.getLogger(SystemController.class);
	
	/**
	 * 登錄頁(yè)面
	 * @param model
	 * @return
	 */
	@RequestMapping(value="/login",method=RequestMethod.GET)
	public String login(Model model){
		model.addAttribute("loginTypes", LoginType.values());
		return "admin/system/login";
	}
	
	/**
	 * 用戶(hù)登錄提交表單處理方法
	 * @param request
	 * @param cpacha
	 * @return
	 */
	@RequestMapping(value="/login",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> login(HttpServletRequest request,String username,String password,String cpacha,Integer type){
		if(StringUtils.isEmpty(username)){
			return Result.error(CodeMsg.ADMIN_USERNAME_EMPTY);
		}
		if(StringUtils.isEmpty(password)){
			return Result.error(CodeMsg.ADMIN_PASSWORD_EMPTY);
		}
 
		//表示實(shí)體信息合法，開(kāi)始驗(yàn)證驗(yàn)證碼是否為空
		if(StringUtils.isEmpty(cpacha)){
			return Result.error(CodeMsg.CPACHA_EMPTY);
		}
		//說(shuō)明驗(yàn)證碼不為空，從session里獲取驗(yàn)證碼
		Object attribute = request.getSession().getAttribute("admin_login");
		if(attribute == null){
			return Result.error(CodeMsg.SESSION_EXPIRED);
		}
		//表示session未失效，進(jìn)一步判斷用戶(hù)填寫(xiě)的驗(yàn)證碼是否正確
		if(!cpacha.equalsIgnoreCase(attribute.toString())){
			return Result.error(CodeMsg.CPACHA_ERROR);
		}
 
		if(type == LoginType.ADMINISTRATOR.getCode()){
			//表示驗(yàn)證碼正確，開(kāi)始查詢(xún)數(shù)據(jù)庫(kù)，檢驗(yàn)密碼是否正確
			User findByUsername = userService.findByUsername(username);
			//判斷是否為空
			if(findByUsername == null){
				return Result.error(CodeMsg.ADMIN_USERNAME_NO_EXIST);
			}
			//表示用戶(hù)存在，進(jìn)一步對(duì)比密碼是否正確
			if(!findByUsername.getPassword().equals(password)){
				return Result.error(CodeMsg.ADMIN_PASSWORD_ERROR);
			}
			//表示密碼正確，接下來(lái)判斷用戶(hù)狀態(tài)是否可用
			if(findByUsername.getStatus() == User.ADMIN_USER_STATUS_UNABLE){
				return Result.error(CodeMsg.ADMIN_USER_UNABLE);
			}
			//檢查用戶(hù)所屬角色狀態(tài)是否可用
			if(findByUsername.getRole() == null || findByUsername.getRole().getStatus() == Role.ADMIN_ROLE_STATUS_UNABLE){
				return Result.error(CodeMsg.ADMIN_USER_ROLE_UNABLE);
			}
			//檢查用戶(hù)所屬角色的權(quán)限是否存在
			if(findByUsername.getRole().getAuthorities() == null || findByUsername.getRole().getAuthorities().size() == 0){
				return Result.error(CodeMsg.ADMIN_USER_ROLE_AUTHORITES_EMPTY);
			}
			//檢查一切符合，可以登錄，將用戶(hù)信息存放至session
			request.getSession().setAttribute(SessionConstant.SESSION_USER_LOGIN_KEY, findByUsername);
			request.getSession().setAttribute("loginType",type);
 
			//銷(xiāo)毀session中的驗(yàn)證碼
			request.getSession().setAttribute("admin_login", null);
			//將登陸記錄寫(xiě)入日志庫(kù)
			operaterLogService.add("用戶(hù)【"+username+"】于【" + StringUtil.getFormatterDate(new Date(), "yyyy-MM-dd HH:mm:ss") + "】登錄系統(tǒng)！");
			log.info("用戶(hù)成功登錄，user = " + findByUsername);
		}else{
			Staff byJobNumber = staffService.findByNameAndIsStatus(username);
			//判斷是否為空
			if(byJobNumber == null){
				return Result.error(CodeMsg.ADMIN_USERNAME_NO_EXIST);
			}
 
			//表示用戶(hù)存在，進(jìn)一步對(duì)比密碼是否正確
			if(!byJobNumber.getPassword().equals(password)){
				return Result.error(CodeMsg.ADMIN_PASSWORD_ERROR);
			}
 
			//檢查用戶(hù)所屬角色狀態(tài)是否可用
			if(byJobNumber.getRole() == null || byJobNumber.getRole().getStatus() == Role.ADMIN_ROLE_STATUS_UNABLE){
				return Result.error(CodeMsg.ADMIN_USER_ROLE_UNABLE);
			}
 
			//檢查用戶(hù)所屬角色的權(quán)限是否存在
			if(byJobNumber.getRole().getAuthorities() == null || byJobNumber.getRole().getAuthorities().size() == 0){
				return Result.error(CodeMsg.ADMIN_USER_ROLE_AUTHORITES_EMPTY);
			}
			//檢查一切符合，可以登錄，將用戶(hù)信息存放至session
			request.getSession().setAttribute(SessionConstant.SESSION_STAFF_LOGIN_KEY, byJobNumber);
			request.getSession().setAttribute("loginType",type);
			//銷(xiāo)毀session中的驗(yàn)證碼
			request.getSession().setAttribute("admin_login", null);
			//將登陸記錄寫(xiě)入日志庫(kù)
			operaterLogService.add("用戶(hù)【"+username+"】于【" + StringUtil.getFormatterDate(new Date(), "yyyy-MM-dd HH:mm:ss") + "】登錄系統(tǒng)！");
			log.info("員工成功登錄，user = " + byJobNumber);
		}
 
		return Result.success(true);
	}
	
	/**
	 * 登錄成功后的系統(tǒng)主頁(yè)
	 * @param model
	 * @return
	 */
	@RequestMapping(value="/index")
	public String index(Model model){
		model.addAttribute("operatorLogs", operaterLogService.findLastestLog(10));
		model.addAttribute("userTotal", userService.total());
		model.addAttribute("operatorLogTotal", operaterLogService.total());
		model.addAttribute("databaseBackupTotal", databaseBakService.total());
		model.addAttribute("onlineUserTotal", SessionListener.onlineUserCount);
		return "admin/system/index";
	}
	
	/**
	 * 注銷(xiāo)登錄
	 * @return
	 */
	@RequestMapping(value="/logout")
	public String logout(){
		Integer loginType = (Integer) SessionUtil.get("loginType");
		if(loginType == LoginType.ADMINISTRATOR.getCode()){
			User loginedUser = SessionUtil.getLoginedUser();
			if(loginedUser != null){
				SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, null);
			}
		}else if(loginType == LoginType.STAFF.getCode()){
			Staff loginedStaff = SessionUtil.getLoginedStaff();
			if(loginedStaff != null){
				SessionUtil.set(SessionConstant.SESSION_STAFF_LOGIN_KEY,null);
			}
		}
		return "redirect:login";
	}
	
	/**
	 * 無(wú)權(quán)限提示頁(yè)面
	 * @return
	 */
	@RequestMapping(value="/no_right")
	public String noRight(){
		return "admin/system/no_right";
	}
	
	/**
	 * 修改用戶(hù)個(gè)人信息
	 * @return
	 */
	@RequestMapping(value="/update_userinfo",method=RequestMethod.GET)
	public String updateUserInfo(){
		return "admin/system/update_userinfo";
	}
	
	/**
	 * 修改個(gè)人信息保存
	 * @param user
	 * @return
	 */
	@RequestMapping(value="/update_userinfo",method=RequestMethod.POST)
	public String updateUserInfo(User user){
		User loginedUser = SessionUtil.getLoginedUser();
		loginedUser.setEmail(user.getEmail());
		loginedUser.setMobile(user.getMobile());
		loginedUser.setHeadPic(user.getHeadPic());
		//首先保存到數(shù)據(jù)庫(kù)
		userService.save(loginedUser);
		//更新session里的值
		SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, loginedUser);
		return "redirect:update_userinfo";
	}
	
	/**
	 * 修改密碼頁(yè)面
	 * @return
	 */
	@RequestMapping(value="/update_pwd",method=RequestMethod.GET)
	public String updatePwd(){
		return "admin/system/update_pwd";
	}
	
	/**
	 * 修改密碼表單提交
	 * @param oldPwd
	 * @param newPwd
	 * @return
	 */
	@RequestMapping(value="/update_pwd",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> updatePwd(@RequestParam(name="oldPwd",required=true)String oldPwd,
			@RequestParam(name="newPwd",required=true)String newPwd
			){
		Integer loginType = (Integer) SessionUtil.get("loginType");
		if(loginType == LoginType.ADMINISTRATOR.getCode()){
			User loginedUser = SessionUtil.getLoginedUser();
			if(!loginedUser.getPassword().equals(oldPwd)){
				return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_ERROR);
			}
			if(StringUtils.isEmpty(newPwd)){
				return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_EMPTY);
			}
			if(newPwd.length()<4 || newPwd.length()>32){
				return Result.error(CodeMsg.ADMIN_USER_PWD_LENGTH_ERROR);
			}
			loginedUser.setPassword(newPwd);
			//保存數(shù)據(jù)庫(kù)
			userService.save(loginedUser);
			//更新session
			SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, loginedUser);
		}else{
			Staff loginedStaff = SessionUtil.getLoginedStaff();
 
			Staff staff = staffService.find(loginedStaff.getId());
			if(!staff.getPassword().equals(oldPwd)){
				return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_ERROR);
			}
			if(StringUtils.isEmpty(newPwd)){
				return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_EMPTY);
			}
 
			staff.setPassword(newPwd);
 
			CodeMsg codeMsg = ValidateEntityUtil.validate(staff);
			if (codeMsg.getCode() != CodeMsg.SUCCESS.getCode()){
				return Result.error(codeMsg);
			}
 
			loginedStaff.setPassword(newPwd);
			//保存數(shù)據(jù)庫(kù)
			staffService.save(loginedStaff);
			//更新session
			SessionUtil.set(SessionConstant.SESSION_STAFF_LOGIN_KEY, loginedStaff);
		}
 
		return Result.success(true);
	}
	
	/**
	 * 日志管理列表
	 * @param model
	 * @param operaterLog
	 * @param pageBean
	 * @return
	 */
	@RequestMapping(value="/operator_log_list")
	public String operatorLogList(Model model,OperaterLog operaterLog,PageBean<OperaterLog> pageBean){
		model.addAttribute("pageBean", operaterLogService.findList(operaterLog, pageBean));
		model.addAttribute("operator", operaterLog.getOperator());
		model.addAttribute("title", "日志列表");
		return "admin/system/operator_log_list";
	}
	/**
	 * 驗(yàn)證訂單
	 * @param orderSn
	 * @param phone
	 * @return
	 */
	@RequestMapping(value="/auth_order",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> authOrder(@RequestParam(name="orderSn",required=true)String orderSn,@RequestParam(name="phone",required=true)String phone){
 
		OrderAuth orderAuth = new OrderAuth();
		orderAuth.setMac(StringUtil.getMac());
		orderAuth.setOrderSn(orderSn);
		orderAuth.setPhone(phone);
		orderAuthService.save(orderAuth);
		AppConfig.ORDER_AUTH = 1;
		return Result.success(true);
	}
 
	/**
	 * 刪除操作日志，可刪除多個(gè)
	 * @param ids
	 * @return
	 */
	@RequestMapping(value="/delete_operator_log",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> delete(String ids){
		if(!StringUtils.isEmpty(ids)){
			String[] splitIds = ids.split(",");
			for(String id : splitIds){
				operaterLogService.delete(Long.valueOf(id));
			}
		}
		return Result.success(true);
	}
	
	/**
	 * 清空整個(gè)日志
	 * @return
	 */
	@RequestMapping(value="/delete_all_operator_log",method=RequestMethod.POST)
	@ResponseBody
	public Result<Boolean> deleteAll(){
		operaterLogService.deleteAll();
		return Result.success(true);
	}
}

到此這篇關(guān)于Java實(shí)戰(zhàn)權(quán)限管理系統(tǒng)的實(shí)現(xiàn)流程的文章就介紹到這了,更多相關(guān)Java 權(quán)限管理系統(tǒng)內(nèi)容請(qǐng)搜索腳本之家以前的文章或繼續(xù)瀏覽下面的相關(guān)文章希望大家以后多多支持腳本之家！

您可能感興趣的文章: