EasyUI+Sping+Shiro+SpringMVC+MyBatis实现的用户角色权限管理系统

package com.whereta.service.impl; import com.whereta.dao.*; import com.whereta.model.Menu; import com.whereta.model.Permission; import com.whereta.model.Role; import com.whereta.service.IPermissionService; import com.whereta.vo.PermissionCreateVO; import com.whereta.vo.PermissionEditVO; import com.whereta.vo.ResultVO; import org.apache.shiro.SecurityUtils; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Service; import javax.annotation.Resource; import java.util.*; /** * @author Vincent * @time 2015/8/28 9:45 */ @Service("permissionService") public class PermissionServiceImpl implements IPermissionService { @Resource private IPermissionDao permissionDao; @Resource private IRolePermissionDao rolePermissionDao; @Resource private IMenuPermissionDao menuPermissionDao; @Resource private IMenuDao menuDao; @Resource private IRoleDao roleDao; /** * 删除权限 * * @param perId * @return */ public ResultVO delPermission(int perId) { ResultVO resultVO = new ResultVO(true); //获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Permission permission = permissionDao.get(permissionList, perId); if (permission == null) { resultVO.setOk(false); resultVO.setMsg("权限不存在"); return resultVO; } //查看是否有权限 Subject subject = SecurityUtils.getSubject(); if (!subject.isPermitted(permission.getKey())) { resultVO.setOk(false); resultVO.setMsg("您没有操作权限"); return resultVO; } //判断是否是根级权限 //获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); for (Permission p : permissionList) { String key = p.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(p); } } List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission p : rootPermissions) { if (p.getId().intValue() == perId) { resultVO.setOk(false); resultVO.setMsg("根级权限不能删除"); return resultVO; } } //获取子级权限id集合 List<Integer> childrenPermissionIds = getChildrenPermissionIds(perId, permissionList); //删除权限 int num = permissionDao.deletePermission(perId); for (Integer id : childrenPermissionIds) { num = permissionDao.deletePermission(id); if (num == 1) { rolePermissionDao.deleteByPerId(id); menuPermissionDao.deleteByPerId(id); } } rolePermissionDao.deleteByPerId(perId); menuPermissionDao.deleteByPerId(perId); resultVO.setMsg("删除权限成功"); return resultVO; } /** * 获取子级权限id集合 * * @param parentId * @param permissions * @return */ public static List<Integer> getChildrenPermissionIds(Integer parentId, List<Permission> permissions) { List<Integer> list = new ArrayList<Integer>(); for (Permission permission : permissions) { if ((parentId == null && permission.getParentId() == null) || (parentId != null && permission.getParentId() != null && parentId.intValue() == permission.getParentId().intValue())) { list.add(permission.getId()); list.addAll(getChildrenPermissionIds(permission.getId(), permissions)); } } return list; } /** * 获取显示权限 * * @return */ public ResultVO getShowPermissions(Integer rootId) { ResultVO resultVO = new ResultVO(true); List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>(); //获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); //获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Subject subject = SecurityUtils.getSubject(); for (Permission permission : permissionList) { String key = permission.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(permission); } } List<Integer> childrenIds = null; if (rootId != null) { childrenIds = getChildrenPermissionIds(rootId, permissionList); childrenIds.add(rootId); } List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission permission : rootPermissions) { if (childrenIds == null || !childrenIds.contains(permission.getId())) { Map<String, Object> map = new HashMap<String, Object>(); map.put("id", permission.getId()); map.put("text", permission.getName()); map.put("key", permission.getKey()); map.put("order", permission.getOrder()); map.put("children", getChildrenPermissions(myPermissionList, permission.getId(), null,childrenIds)); mapList.add(map); } } resultVO.setData(mapList); return resultVO; } /** * 获取菜单显示权限 * * @param menuId * @return */ public ResultVO getMenuShowPermissions(int menuId) { ResultVO resultVO = new ResultVO(true); List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>(); //获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); //获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Subject subject = SecurityUtils.getSubject(); for (Permission permission : permissionList) { String key = permission.getKey(); boolean permitted = subject.isPermitted(key); if (permitted) { myPermissionList.add(permission); } } //获取所有菜单 List<Menu> menus = menuDao.selectAll(); Menu menu = menuDao.get(menus, menuId); if (menu == null) { resultVO.setOk(false); resultVO.setMsg("菜单不存在"); return resultVO; } //获取菜单拥有的权限id Set<Integer> permissionIdSet = menuPermissionDao.selectPermissionIdSet(menuId); List<Permission> rootPermissions = getRootPermissions(myPermissionList); for (Permission permission : rootPermissions) { Map<String, Object> map = new HashMap<String, Object>(); map.put("id", permission.getId()); map.put("text", permission.getName()); map.put("key", permission.getKey()); map.put("checked", permissionIdSet.contains(permission.getId())); map.put("order", permission.getOrder()); map.put("children", getChildrenPermissions(myPermissionList, permission.getId(), permissionIdSet,null)); mapList.add(map); } resultVO.setData(mapList); return resultVO; } /** * 获取角色显示权限 * * @param roleId * @return */ public ResultVO getRoleShowPermissions(int roleId) { ResultVO resultVO = new ResultVO(true); List<Map<String, Object>> mapList = new ArrayList<Map<String, Object>>(); //获取我拥有的权限 List<Permission> myPermissionList = new ArrayList<Permission>(); //获取所有权限 List<Permission> permissionList = permissionDao.selectAll(); Subject subject = SecurityUtils.getSubject(); for (Permission permission : p