思路
- 将每个岗位对应的操作权限记录于数据库——权限表
- 在用户登录时,cookie和login两种登录方式都要设置session:通过用户名查出userEntity,取得userEntity.postId,再用岗位id去权限表查询该岗位的权限authorityEntity
- 将authorityEntity存入session,供前端模板读取
- 前端侧边栏每项操作的标签上设置判断(只控制菜单项是否显示,对应接口仍需在后端校验权限),例如:
th:if="${session.authorityEntity.authority6 == 'on'}"
设置权限
后端
两个方法:查询和更新
/**
 * MVC controller behind the permission-management page: it loads the stored permission rows
 * for display and writes back the edits submitted by the form.
 *
 * <p>NOTE(review): neither handler checks who is calling. The only gate visible for this
 * feature is the sidebar link, which the template renders when
 * {@code session.userEntity.postId == 1}; hiding a link does not protect the URL. Unless an
 * interceptor or filter elsewhere enforces the role, both handlers should verify the caller's
 * post from the session before reading or changing permissions.
 */
@Slf4j
@Controller
@MapperScan("com.shark.aio.base.authority")
public class AuthorityController {

    @Autowired
    AuthorityMapping authorityMapping;

    /**
     * Renders the permission-management view with the three editable rows.
     *
     * @param req current request; receives the {@code park}, {@code free} and {@code company}
     *            attributes on success, or {@code msg} on failure
     * @return {@code "authorityManagement"} on success, {@code "index"} if anything throws
     */
    @RequestMapping("/authorityManagement")
    public String authority(HttpServletRequest req) {
        try {
            // All three rows are loaded before any request attribute is set.
            final AuthorityEntity parkRow = authorityMapping.getPark();
            final AuthorityEntity freeRow = authorityMapping.getFree();
            final AuthorityEntity companyRow = authorityMapping.getCompany();

            req.setAttribute("park", parkRow);
            req.setAttribute("free", freeRow);
            req.setAttribute("company", companyRow);
            log.info("进入权限管理页面成功!");
        } catch (Exception e) {
            req.setAttribute("msg", "进入权限管理页面失败!");
            log.error("进入权限管理页面失败!", e);
            return "index";
        }
        return "authorityManagement";
    }

    /**
     * Persists one submitted permission row and then re-renders the management view.
     *
     * <p>NOTE(review): {@code object} is bound straight from request parameters, and the form
     * sends the row {@code id} as a hidden field, so the client decides which row is updated.
     * Validate the id against the rows this page is meant to edit before calling the mapper.
     *
     * <p>NOTE(review): {@code @RequestMapping} without a {@code method} matches every HTTP
     * method, so this state change is also reachable with GET; restricting it to POST and
     * requiring a CSRF token is advisable.
     *
     * @param req    current request, forwarded to {@link #authority(HttpServletRequest)}
     * @param object permission row populated from the submitted form fields
     * @return the view chosen by {@link #authority(HttpServletRequest)}, or {@code "index"} if
     *         the update throws
     */
    @RequestMapping("/authorityUpdate")
    public String authorityUpdate(HttpServletRequest req, AuthorityEntity object) {
        String view;
        try {
            authorityMapping.updateAuthority(object);
            log.info("修改权限管理成功!");
            view = authority(req);
        } catch (Exception e) {
            req.setAttribute("msg", "修改权限管理失败!");
            log.error("修改权限管理失败!", e);
            view = "index";
        }
        return view;
    }
}
数据库映射
/**
 * MyBatis mapper for the {@code authority} table, one row per post.
 *
 * <p>Every variable value is passed through a {@code #{...}} placeholder, so it reaches the
 * database as a bound parameter rather than as concatenated SQL text.
 */
@Mapper
public interface AuthorityMapping {

    /**
     * Loads the permission row with the given id.
     *
     * @param id primary key of the row (the login code on this page passes the user's post id)
     * @return the matching row; NOTE(review): presumably {@code null} when no row matches,
     *         so callers should handle that case - confirm
     */
    @Select("SELECT * FROM `authority` WHERE `id`=#{id};")
    AuthorityEntity getAuthority(int id);

    /** Loads the row with the fixed id 2 (shown on the management page as {@code company}). */
    @Select("SELECT * FROM `authority` WHERE `id`=2;")
    AuthorityEntity getCompany();

    /** Loads the row with the fixed id 3 (shown on the management page as {@code park}). */
    @Select("SELECT * FROM `authority` WHERE `id`=3;")
    AuthorityEntity getPark();

    /** Loads the row with the fixed id 4 (shown on the management page as {@code free}). */
    @Select("SELECT * FROM `authority` WHERE `id`=4;")
    AuthorityEntity getFree();

    /**
     * Overwrites {@code authority1} to {@code authority7} of the row whose id equals
     * {@code object}'s id.
     *
     * <p>NOTE(review): the statement updates whichever id it is handed, including rows other
     * than 2, 3 and 4; the caller is responsible for checking that the id is one it may edit.
     *
     * @param object row carrying the target id and the seven new column values
     */
    @Update("UPDATE `authority` SET "
            + "`authority1`=#{authority1}, `authority2`=#{authority2} ,"
            + "`authority3`=#{authority3}, `authority4`=#{authority4},"
            + "`authority5`=#{authority5}, `authority6`=#{authority6}, "
            + "`authority7`=#{authority7} "
            + "WHERE `id`=#{id};")
    void updateAuthority(AuthorityEntity object);
}
前端
<!--/* Permission form for the "company" row: seven switches posted to /authorityUpdate. */-->
<div class="col-md-6">
<div class="x_panel">
<div class="x_title">
<h2>企业管理人员</h2>
<div class="clearfix"></div>
</div>
<div class="x_content">
<br />
<!--/* NOTE(review): no CSRF token field is visible in this form; confirm the framework injects one, otherwise a cross-site POST made in an administrator's session could change permissions. */-->
<form th:action="@{/authorityUpdate}" method="post" class="form-horizontal form-label-left">
<div class="form-group row">
<label class="control-label col-md-3 col-sm-3 ">分配权限</label>
<div class="col-md-9 col-sm-9 " >
<div class="">
<!--/* NOTE(review): the row id travels through the browser, so the server must not trust it; validate it against the rows this page is allowed to edit. */-->
<input type="hidden" name="id" th:value="${company.id}">
<label>
<!--/* The checkboxes have no value attribute, so a checked box submits the default "on" (the string the sidebar compares against) and an unchecked box submits nothing. */-->
<input type="checkbox" class="js-switch" name="authority1" th:attr="checked=${company.authority1}" /> 污染源监测
</label>
</div>
<div class="">
<label>
<input type="checkbox" class="js-switch" name="authority2" th:attr="checked=${company.authority2}"/> 用电监测
</label>
</div>
<div class="">
<label>
<input type="checkbox" class="js-switch" name="authority3" th:attr="checked=${company.authority3}"/> 工况监测
</label>
</div>
<div class="">
<label>
<input type="checkbox" class="js-switch" name="authority4" th:attr="checked=${company.authority4}"/> 视频监测
</label>
</div>
<div class="">
<label>
<input type="checkbox" class="js-switch" name="authority5" th:attr="checked=${company.authority5}"/> 智慧预警
</label>
</div>
<div class="">
<label>
<input type="checkbox" class="js-switch" name="authority6" th:attr="checked=${company.authority6}"/> 文件管理
</label>
</div>
<div class="">
<label>
<input type="checkbox" class="js-switch" name="authority7" th:attr="checked=${company.authority7}"/> 日志管理
</label>
</div>
</div>
</div>
<div class="ln_solid"></div>
<div class="form-group">
<div class="col-md-9 col-sm-9 offset-md-3">
<button type="reset" class="btn btn-primary btn-sm">复位</button>
<button type="submit" class="btn btn-success btn-sm">提交</button>
</div>
</div>
</form>
</div>
</div>
</div>
调用权限
后端
先查询权限数据
// Look up the user record by login name; an unknown name is sent back to the login view.
UserEntity userEntity = userMapping.queryUserByUserName(userName);
if(userEntity == null){
return Constants.LOGIN;
}
// Look up the permission row using the user's post id.
// NOTE(review): getAuthority presumably returns null when no row matches the post id; templates
// that read session.authorityEntity.authorityN would then fail to render - confirm that every
// post id has a row, or handle null here.
AuthorityEntity authorityEntity = authorityMapping.getAuthority(userEntity.getPostId());
// Store identity and permissions in the session; the sidebar template reads both from there.
// NOTE(review): if this runs right after credentials are verified, consider rotating the session
// id (HttpServletRequest#changeSessionId) before storing identity, to guard against session fixation.
// NOTE(review): the permissions are a snapshot taken here, so changes saved through
// /authorityUpdate are not visible to an already logged-in user until this code runs again for them.
req.getSession().setAttribute("userEntity",userEntity);
req.getSession().setAttribute("authorityEntity",authorityEntity);
前端
标签进行判断
//两种条件,且数据类型是int
<li th:if="${session.userEntity.postId == 1 || session.userEntity.postId == 3}"><a th:href="@{/allUserEntity}">用户管理</a></li>
//一种条件,且数据类型是int
<li th:if="${session.userEntity.postId == 1}"><a th:href="@{/authorityManagement}">权限管理</a></li>
//数据类型是String
<li th:if="${session.authorityEntity.authority7 == 'on'}"><a th:href="@{/logManagement}">日志管理</a></li>