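Permission System Sample Application
Software engineering runs through requirements, design, coding, testing and release.
RBAC is role-based access control; it is built around the role.
User -> Role -> Permission (operation, object)
Three tables: person, role, permission. Junction tables: personRole, rolePermission; one further table: departement
dtree, available for download at:
www.destroydrop.com/javascripts/tree
csdn space 5/tree.zip, which contains dtree.js, dtree.css and img.
tree2, provided by MyFaces.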
menu.jsp
<%@page contentType="text/html; charset=UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsf/core" prefix="f" %>
<%@ taglib uri="http://java.sun.com/jsf/html" prefix="h" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<f:view>
<head>
  <title>A menu page</title>
  <link rel="StyleSheet" href="css/dtree.css" type="text/css" />
</head>
<body leftmargin="0" topmargin="0" bgcolor="#eeeeee">
<table width="180">
  <tr>
    <td height="300" valign="top" nowrap>
      <script type="text/javascript" src="js/dtree.js"></script>
      <script type='text/javascript'>
        tree = new dTree('tree');
        tree.config.folderLinks=false;
        tree.config.useCookies=false;
        <%-- Each permission field is written into a JavaScript string literal.
             h:outputText escapes for HTML, which is not JavaScript string escaping,
             so the permission rows are assumed to be trusted, administrator-maintained data. --%>
        <c:forEach var="permission" items="#{user.permissions}" >
        tree.add(
          "<h:outputText value="#{permission.id}"/>",
          "<h:outputText value="#{permission.pid}"/>",
          "<h:outputText value="#{permission.name}"/>",
          "<h:outputText value="#{permission.url}"/>",
          "<h:outputText value="#{permission.title}"/>",
          "<h:outputText value="#{permission.target}"/>",
          "<h:outputText value="#{permission.icon}"/>"
        );
        </c:forEach>
        document.write(tree);
      </script>
    </td>
  </tr>
</table>
</body>
</f:view>
</html>
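User login
List permissions=findPermission(personId);
// Store all permissions assigned to this person in the person object;
// this permission list is the tree menu the user sees after login
person.setPermissions(permissions);
The findPermission method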
// Query one user's permissions into a list, used to fill the tree menu on the page
public List findUserPermission(final String userId){
    return (List)getHibernateTemplate().execute(
        new HibernateCallback(){
            public Object doInHibernate(Session session)
                    throws HibernateException{
                /*
                 * An unconventional approach is used here: from the
                 * rolePermission table, query the permission IDs assigned
                 * to certain roles, those roles being the ones assigned to
                 * the given user as found in the personRole table, and
                 * derive the parent permission IDs of those permissions,
                 * continuing in this way up to the root of the whole tree.
                 * All permissions found are placed in the temporary tables
                 * #userPermission and #permID.
                 * Then the permission data is queried from the temporary
                 * table and the permission table.
                 * Finally the temporary tables are dropped.
                 */
                String sSql =" select distinct permissionID into "
                    +" #userPermission from rolepermission "
                    +" where roleID in (select roleID from personRole "
                    +" where personID=:uId ) "
                    +" select * into #permID from (select distinct "
                    +" substring(permissionID,1,2) as ID,"
                    +" '0' as pID from #userPermission "
                    +" union select distinct substring(permissionID,1,4) "
                    +" as ID,substring(permissionID,1,2) as pID "
                    +" from #userPermission "
                    +" union select distinct substring(permissionID,1,6) "
                    +" as ID,substring(permissionID,1,4) as pID from "
                    +" #userPermission "
                    +" union select distinct substring(permissionID,1,8) "
                    +" as ID,substring(permissionID,1,6) as pID from "
                    +" #userPermission "
                    +" union select distinct substring(permissionID,1,10) "
                    +" as ID,substring(permissionID,1,8) as pID from "
                    +" #userPermission ) "
                    +" as tab where datalength(ID)>datalength(pID) "
                    +" insert #permID values('0','-1') "
                    +" drop table #userPermission "
                    +" select {permission.*} from #permID i,permission "
                    +" permission where i.ID=permission.ID "
                    + "drop table #permID";
                // Put all permissions found for the user into a list;
                // the user ID is bound as the named parameter :uId
                List result=(List) session.createSQLQuery(sSql)
                    .addEntity("permission", Permission.class)
                    .setString("uId", userId).list();
                // Return the permission list
                return result;
            }
        }
    ,true);
}
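The prefix expansion that the SQL above performs with #userPermission and #permID, reproduced in memory as an added example (it is not code from the original application). The class name and the sample IDs are assumptions made for the illustration, and the final join against the permission table is left out.

```java
import java.util.Arrays;
import java.util.Collection;
import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;

// Added example, not the application's code: in-memory equivalent of the #permID step.
public class PermissionTreeExpansion {
    static final int LEVEL_WIDTH = 2; // two characters of permissionID per tree level
    static final int MAX_LEVELS = 5;  // the SQL stops at substring(permissionID,1,10)

    /** Maps every granted permission ID and each of its ancestors to its parent ID. */
    static SortedMap<String, String> expand(Collection<String> grantedIds) {
        SortedMap<String, String> parentOf = new TreeMap<>();
        parentOf.put("0", "-1"); // root row: insert #permID values('0','-1')
        for (String id : grantedIds) {
            for (int level = 1; level <= MAX_LEVELS; level++) {
                int end = Math.min(level * LEVEL_WIDTH, id.length());
                int parentEnd = Math.min((level - 1) * LEVEL_WIDTH, id.length());
                String node = id.substring(0, end);
                String parent = (level == 1) ? "0" : id.substring(0, parentEnd);
                // Same filter as "datalength(ID) > datalength(pID)": once the
                // prefix stops growing, the ID has no deeper level.
                if (node.length() > parent.length()) {
                    parentOf.put(node, parent);
                }
            }
        }
        return parentOf;
    }

    public static void main(String[] args) {
        // Constructed sample: permission IDs reached through the user's roles.
        Collection<String> granted = Arrays.asList("010203", "0102", "0201");
        for (Map.Entry<String, String> e : expand(granted).entrySet()) {
            // "01" and "02" are listed although no role grants them directly:
            // ancestor rows are added so the tree menu can be filled.
            System.out.println(e.getKey() + " -> " + e.getValue());
        }
    }
}
```

Because ancestor rows are derived from ID prefixes rather than from rolePermission, the resulting list contains nodes that no role grants directly.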